From patchwork Mon Feb 12 11:30:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leone Fernando X-Patchwork-Id: 13552967 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-wm1-f66.google.com (mail-wm1-f66.google.com [209.85.128.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6083739852; Mon, 12 Feb 2024 11:31:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.66 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707737512; cv=none; b=a58vUPIov5g7oD1lOSl5KFk1JENzmHZF3lMjZg1Lph4EQtmqM1kv1ff5RFW/qWyenEH8sM6sokUCZ+h0gw2EKPUZu0nc5pHSnkhTjIH/C12pgtXSdqewVlXwLoqZcvSTUxHyrhgS9Vy2R5MPkGEIucE9HDnMDF3WYw+Imugrg2E= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707737512; c=relaxed/simple; bh=Na/rHa5dAP3l50X//9FCmhKqVB813/sR9Yz3qZ8PB4Y=; h=Message-ID:Date:MIME-Version:Subject:From:To:References: In-Reply-To:Content-Type; b=rW2Vj/PLVFE8L51JRiGhQR+bN87hmKifhNJ/lJ2KNoBh2M7jFpa7z4CukzuPrSdxYYG3klOTuUDbMrZ4xs/3goZYWULrwVd8W9TJIAlVQjoAhJh039WvhlfVq3hua8yWLE0Svb/30DJmr4RC9nvVz9cdldgh7SSU7zM2VC1rOQQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=RRNl1P51; arc=none smtp.client-ip=209.85.128.66 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="RRNl1P51" Received: by mail-wm1-f66.google.com with SMTP id 5b1f17b1804b1-410c1ebf5e4so7973435e9.2; Mon, 12 Feb 2024 03:31:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707737508; x=1708342308; darn=vger.kernel.org; h=content-transfer-encoding:in-reply-to:references:to:from :content-language:subject:mime-version:date:message-id:from:to:cc :subject:date:message-id:reply-to; bh=OUC5+LMrNmxS7ctyeH5pl2x/dqcP46pJUlAebEkKzMY=; b=RRNl1P51mIuVsN83b/YxTNo/fsRO5Erx1wZQ/fvGCy/V+XWsTYQ8gTuVqIJ3/xTE+c 9s/vVQ44yM0kXQDti5EWnSur5LFxpPcG/H9HDtiXU9xJuvRLlgCcMLCesS1jk2mcyDMo gcLuGRGeds2X+P01XDd70ssMDAy6xURynnEkXhoHotSmq8n3Z9GD2VZW7FigKl5dLBpF mR2WW3eErrVa65wLekvvv1QIBmlTOOEI6CaTHntiuPSr2BCUQYVUX/iG/bv2MEyUO5mq xT3o04yCQq4uLevuKHhr6rGV+EppgosAeRwHX0rasqtYg5XKU8kSJ4RJjnS9R4FiVbLt wmcA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707737508; x=1708342308; h=content-transfer-encoding:in-reply-to:references:to:from :content-language:subject:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=OUC5+LMrNmxS7ctyeH5pl2x/dqcP46pJUlAebEkKzMY=; b=vj4UF0FRH46dREWHCSWWMKwV9hK2PI29Gkg+ABUPhN0yVFRWLMy/HKpCkpBJXtMeUj krOTXmRGNVXjmctv90lfpUyilFHFTMQcF6DYg5SN+Wgawsmzed4sVNlZQ2m2F4b/KoeM KXx5xUyY9c8EnwzWdgvISoYNUzPSH1CT24lUd5fy6her7GtTHa3fK7ntLpjGCMRNNsQg EsJGHMgIBEhiipGni0BcThGJNyza5XhB/5MC6zbaN1+jpvV/FZ5AtiD0WPKxF4ICrcuW XANhxA0+DEz+HcGb67FPOt5XJAwc75e0TG8crDYINCYDeWSTEr5HSrYyqu+D6KYC3eRb WKvQ== X-Forwarded-Encrypted: i=1; AJvYcCWyKr+AhTi1SEFcwSP0D0p25T9bDMi5BdpFo7sdlHqXzCbu4Pt2s3Gav4d8eC237AB0OI+/CdPvML3v7942h8ioPCJKDqDfgrrXTurxb/1mvKFtNSNMzbpizQI2PQW3gjdywEfh X-Gm-Message-State: AOJu0YyxaGbjh0srqJNNxdAS8gQZWV6gMkVWXrF3N0fzlXRIUjpQez4R zOOIYiFspmuEE2iYO6nKur+JGh/5PmIi+ODIzeVYfllr7H3Odzi6 X-Google-Smtp-Source: AGHT+IE+5zuwW7yrsOv31+vWiPAyUrhpzypF4FkaT/NCs+F+uYeC4DCmPmFSiu9j2c5OOLOnoljCDw== X-Received: by 2002:a05:600c:1994:b0:40f:c404:e2d1 with SMTP id t20-20020a05600c199400b0040fc404e2d1mr6185259wmq.19.1707737508435; Mon, 12 Feb 2024 03:31:48 -0800 (PST) X-Forwarded-Encrypted: i=1; AJvYcCWR2iTtX1e3lWMsiZIItzqZolsT1+SrO+IYPvd4Mnk9qfVk5oqtuTGayfq8h/PdBph1icPKjf5BisiimUASF9I+sJMbX/rkjdA7ww2+/IR14cubejkg/D0c4Ce+O2pqTcY6RSq4xXejeAtRVH8xabBlYSA1374UMSY33rbWPqM8Z/s5rO6XolyLKqdqxDTHi5OCZhx7LD+cb6Xh0IiSJRpNJSAq2wqtmbl68pZEGoadsGk= Received: from localhost ([45.130.85.2]) by smtp.gmail.com with ESMTPSA id r17-20020a05600c35d100b004106c2278eesm8459064wmq.0.2024.02.12.03.31.30 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 12 Feb 2024 03:31:48 -0800 (PST) Message-ID: <152dec8c-176c-4012-bef8-25ccc5785241@gmail.com> Date: Mon, 12 Feb 2024 12:30:40 +0100 Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Subject: [RFC PATCH net-next v2 1/3] net: route: expire rt if the dst it holds is expired Content-Language: en-US From: Leone Fernando To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org References: <3a17c86d-08a5-46d2-8622-abc13d4a411e@gmail.com> In-Reply-To: <3a17c86d-08a5-46d2-8622-abc13d4a411e@gmail.com> X-Patchwork-Delegate: kuba@kernel.org X-Patchwork-State: RFC The function rt_is_expired is used to verify that a cached dst is valid. Currently, this function ignores the rt.dst->expires value. Add a check to rt_is_expired that validates that the dst is not expired. Signed-off-by: Leone Fernando --- net/ipv4/route.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 16615d107cf0..7c5e68117ee2 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -392,7 +392,8 @@ static inline int ip_rt_proc_init(void) static inline bool rt_is_expired(const struct rtable *rth) { - return rth->rt_genid != rt_genid_ipv4(dev_net(rth->dst.dev)); + return rth->rt_genid != rt_genid_ipv4(dev_net(rth->dst.dev)) || + (rth->dst.expires && time_after(jiffies, rth->dst.expires)); } void rt_cache_flush(struct net *net) From patchwork Mon Feb 12 11:33:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leone Fernando X-Patchwork-Id: 13552975 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-wm1-f67.google.com (mail-wm1-f67.google.com [209.85.128.67]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 29EBF39843; Mon, 12 Feb 2024 11:33:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.67 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707737626; cv=none; b=saNAl4C9nkiSAfP/Xj+chYspm7MKJVNouOtJ0ytd8kQaHZ/2OtxFe0ZfPc7Gdu4ICksxVmqBhkf/tbOkuHAdCs6ogB/VING4ZkqPydIv4ITiItpB1B8GE2YuRjcImWUTIxe0CHNTk5Dsn6BnrKW7CsYWIlIrU+HX1s3N3p9bJHg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707737626; c=relaxed/simple; bh=mqXV0hyS2M2iYooMn7ioshg5LKok7w/6AGMAEnz3aH0=; h=Message-ID:Date:MIME-Version:Subject:From:To:References: In-Reply-To:Content-Type; b=LAqhE2s71CuY/nu9VJy2s23O1GHH144Ml90EW0SxbAab5mXk2YOjb1fbmxb3O40rSb63w7t/LAhaJPgB+Fuy5jZJtXkdUA4B0s/zidjSp8UkTZdsRntEYlGzfSpqIdSgVwGFD/7OP9wHTrP+VRoq9nXc3PqbFkFtILr4FOq/udc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=M8b1V8/h; arc=none smtp.client-ip=209.85.128.67 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="M8b1V8/h" Received: by mail-wm1-f67.google.com with SMTP id 5b1f17b1804b1-4114e0a2978so1620745e9.3; Mon, 12 Feb 2024 03:33:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707737622; x=1708342422; darn=vger.kernel.org; h=content-transfer-encoding:in-reply-to:references:to:from :content-language:subject:mime-version:date:message-id:from:to:cc :subject:date:message-id:reply-to; bh=u4RM3XtgRsxdOxtEq0mpMcqUSwQfxyCSmxhKMJArBMY=; b=M8b1V8/hrmGe3LifOUNgcikUwn1W149NGI/n6NRpKIh8h2e8tv7JFE5hD6/voufF9C CNtHOhnPfoe15Zeh4oGWEVn+rnaIg7Wz4qfvBiBVwo5ZDLnZgMMObPIBK0T4aaJhx+cx /LFbMO8w6f5g2KW0bMDECcKbaKFl4rFBwz1fJ0bWQHhpa4213n4v2f2UJ9zc2599Ft5Z x393e/Yf1oDFnnaaia6ViF3M0/QMFTVfeeXDccmVaTZ0vya0d5pphZoQFdvZOkiqBmEN 6MmPcIrGBE2kwdkoF1p204eForN0/fPjaiuNqxOcYG2Tba9buENv1vuLmXooODUwppLS JrIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707737622; x=1708342422; h=content-transfer-encoding:in-reply-to:references:to:from :content-language:subject:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=u4RM3XtgRsxdOxtEq0mpMcqUSwQfxyCSmxhKMJArBMY=; b=A/q9Z25SYufVx596pcPzbsI4vXabps2lsCntpkuyqq3+kSoNZ9pWIMFaFSynvrdffF XfTFxq5wq1ww1E2760jZTCRj9RMwkhSyBbrWTozQez42oORE8oXR1+f/Z2bhIq4BU35+ QewjiJuQsR1V0anKav1wGo3oywY8UZj1HCNCiOjtDTfcyGbP19cm/8Gn3d18qSCd+yqM Gv1PBmuuAH/61j8/8K9gdJpndn60K7gleDfeHdRKuIdb+vbEap4UwJ+Xg6b968MsVxlD fKBljimVh97qjTl9zTW7L/NtTsQeQEjZ14rLpQh+PSb1G+CAg8ckB82rpjPTC8hucthv 7D4A== X-Gm-Message-State: AOJu0YwMlVoTRUPnfFuhfuiymKxwB4jk2nUUAvrZ9gdbVXpV93F7vR2R 1k+2YkBJuQTgOc3d/eSVVsS30xONp7tyCL3R4ipJs/LjZCZZykGp X-Google-Smtp-Source: AGHT+IF8lCQ9H9UHQDWHngPiP0IoMu0v1EzVcByJlsBMzmgeyFwRzihVmI5i8QIy4sw+lXrTmYxrww== X-Received: by 2002:a05:600c:5117:b0:40f:df31:6cac with SMTP id o23-20020a05600c511700b0040fdf316cacmr6249594wms.4.1707737622142; Mon, 12 Feb 2024 03:33:42 -0800 (PST) X-Forwarded-Encrypted: i=1; AJvYcCUA45XIDOyYDC4wHrktsI/4PTgHN4p7Gpf+se0FZytCCE3HTGdzfnYW2ajIGLk/hbgTCEdVPWdEH3YjrIdI/U68/7amcytHCvYPkE5k2RyteXeYQ2V19jwk6lIZXDQxr2c0Wcpq8K0rtcY6b78fFVAf/VSskOEi3f2m9H0NmqaIIcgyCR8YI89FlKuzbIxnx4bketGycCd3YCHU0nRGF6su0HFwwGUpOOge9BKxxVYAWFg= Received: from localhost ([45.130.85.2]) by smtp.gmail.com with ESMTPSA id r17-20020a05600c35d100b004106c2278eesm8459064wmq.0.2024.02.12.03.33.24 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 12 Feb 2024 03:33:41 -0800 (PST) Message-ID: <52164b40-2074-4cfd-aeb4-c1a322976eba@gmail.com> Date: Mon, 12 Feb 2024 12:33:06 +0100 Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Subject: [RFC PATCH net-next v2 2/3] net: dst_cache: add input_dst_cache API Content-Language: en-US From: Leone Fernando To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org References: <3a17c86d-08a5-46d2-8622-abc13d4a411e@gmail.com> In-Reply-To: <3a17c86d-08a5-46d2-8622-abc13d4a411e@gmail.com> X-Patchwork-Delegate: kuba@kernel.org X-Patchwork-State: RFC The input_dst_cache allows fast lookup of frequently encountered dsts. In order to provide stable results, I implemented a simple linear hashtable with each bucket containing a constant amount of entries (DST_CACHE_INPUT_BUCKET_SIZE). Similarly to how the route hint is used, I defined the hashtable key to contain the daddr and the tos of the IP header. Lookup is performed in a straightforward manner: start at the bucket head corresponding the hashed key and search the following DST_CACHE_INPUT_BUCKET_SIZE entries of the array for a matching key. When inserting a new dst to the cache, if all the bucket entries are full, the oldest one is deleted to make room for the new dst. Signed-off-by: Leone Fernando --- include/net/dst_cache.h | 69 +++++++++++++++++++++ net/core/dst_cache.c | 132 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 201 insertions(+) diff --git a/include/net/dst_cache.h b/include/net/dst_cache.h index df6622a5fe98..4c5474c44cad 100644 --- a/include/net/dst_cache.h +++ b/include/net/dst_cache.h @@ -7,12 +7,40 @@ #if IS_ENABLED(CONFIG_IPV6) #include #endif +#include + +#define DST_CACHE_INPUT_SHIFT (9) +#define DST_CACHE_INPUT_SIZE (1 << DST_CACHE_INPUT_SHIFT) +#define DST_CACHE_INPUT_BUCKET_SIZE (4) +#define DST_CACHE_INPUT_HASH_MASK (~(DST_CACHE_INPUT_BUCKET_SIZE - 1)) +#define INVALID_DST_CACHE_INPUT_KEY (~(u64)(0)) struct dst_cache { struct dst_cache_pcpu __percpu *cache; unsigned long reset_ts; }; +extern unsigned int dst_cache_net_id __read_mostly; + +/** + * idst_for_each_in_bucket - iterate over a dst cache bucket + * @pos: the type * to use as a loop cursor + * @head: the head of the cpu dst cache. + * @hash: the hash of the bucket + */ +#define idst_for_each_in_bucket(pos, head, hash) \ + for (pos = &head[hash]; \ + pos < &head[hash + DST_CACHE_INPUT_BUCKET_SIZE]; \ + pos++) + +/** + * idst_for_each_in_cache - iterate over the dst cache + * @pos: the type * to use as a loop cursor + * @head: the head of the cpu dst cache. + */ +#define idst_for_each_in_cache(pos, head) \ + for (pos = head; pos < head + DST_CACHE_INPUT_SIZE; pos++) + /** * dst_cache_get - perform cache lookup * @dst_cache: the cache @@ -106,4 +134,45 @@ int dst_cache_init(struct dst_cache *dst_cache, gfp_t gfp); */ void dst_cache_destroy(struct dst_cache *dst_cache); +/** + * dst_cache_input_get_noref - perform lookup in the input cache, + * return a noref dst + * @dst_cache: the input cache + * @skb: the packet according to which the dst entry will be searched + * local BH must be disabled. + */ +struct dst_entry *dst_cache_input_get_noref(struct dst_cache *dst_cache, + struct sk_buff *skb); + +/** + * dst_cache_input_add - add the dst of the given skb to the input cache. + * + * in case the cache bucket is full, the oldest entry will be deleted + * and replaced with the new one. + * @dst_cache: the input cache + * @skb: The packet according to which the dst entry will be searched + * + * local BH must be disabled. + */ +void dst_cache_input_add(struct dst_cache *dst_cache, + const struct sk_buff *skb); + +/** + * dst_cache_input_init - initialize the input cache, + * allocating the required storage + */ +int __init dst_cache_input_init(void); + +static inline u64 create_dst_cache_key_ip4(const struct sk_buff *skb) +{ + struct iphdr *iphdr = ip_hdr(skb); + + return (((u64)iphdr->daddr) << 8) | iphdr->tos; +} + +static inline u32 hash_dst_cache_key(u64 key) +{ + return hash_64(key, DST_CACHE_INPUT_SHIFT) & DST_CACHE_INPUT_HASH_MASK; +} + #endif diff --git a/net/core/dst_cache.c b/net/core/dst_cache.c index 0ccfd5fa5cb9..e551b9ce5108 100644 --- a/net/core/dst_cache.c +++ b/net/core/dst_cache.c @@ -13,6 +13,7 @@ #include #endif #include +#include struct dst_cache_pcpu { unsigned long refresh_ts; @@ -21,9 +22,12 @@ struct dst_cache_pcpu { union { struct in_addr in_saddr; struct in6_addr in6_saddr; + u64 key; }; }; +unsigned int dst_cache_net_id __read_mostly; + static void dst_cache_per_cpu_dst_set(struct dst_cache_pcpu *dst_cache, struct dst_entry *dst, u32 cookie) { @@ -181,3 +185,131 @@ void dst_cache_reset_now(struct dst_cache *dst_cache) } } EXPORT_SYMBOL_GPL(dst_cache_reset_now); + +static void dst_cache_input_set(struct dst_cache_pcpu *idst, + struct dst_entry *dst, u64 key) +{ + dst_cache_per_cpu_dst_set(idst, dst, 0); + idst->key = key; + idst->refresh_ts = jiffies; +} + +static struct dst_entry *__dst_cache_input_get_noref(struct dst_cache_pcpu *idst) +{ + struct dst_entry *dst = idst->dst; + + if (unlikely(dst->obsolete && !dst->ops->check(dst, idst->cookie))) { + dst_cache_input_set(idst, NULL, INVALID_DST_CACHE_INPUT_KEY); + goto fail; + } + + idst->refresh_ts = jiffies; + return dst; + +fail: + return NULL; +} + +struct dst_entry *dst_cache_input_get_noref(struct dst_cache *dst_cache, + struct sk_buff *skb) +{ + struct dst_entry *out_dst = NULL; + struct dst_cache_pcpu *pcpu_cache; + struct dst_cache_pcpu *idst; + u32 hash; + u64 key; + + pcpu_cache = this_cpu_ptr(dst_cache->cache); + key = create_dst_cache_key_ip4(skb); + hash = hash_dst_cache_key(key); + idst_for_each_in_bucket(idst, pcpu_cache, hash) { + if (key == idst->key) { + out_dst = __dst_cache_input_get_noref(idst); + goto out; + } + } +out: + return out_dst; +} + +static void dst_cache_input_reset_now(struct dst_cache *dst_cache) +{ + struct dst_cache_pcpu *caches; + struct dst_cache_pcpu *idst; + struct dst_entry *dst; + int i; + + for_each_possible_cpu(i) { + caches = per_cpu_ptr(dst_cache->cache, i); + idst_for_each_in_cache(idst, caches) { + idst->key = INVALID_DST_CACHE_INPUT_KEY; + dst = idst->dst; + if (dst) + dst_release(dst); + } + } +} + +static int __net_init dst_cache_input_net_init(struct net *net) +{ + struct dst_cache *dst_cache = net_generic(net, dst_cache_net_id); + + dst_cache->cache = (struct dst_cache_pcpu __percpu *)alloc_percpu_gfp(struct dst_cache_pcpu[DST_CACHE_INPUT_SHIFT], + GFP_KERNEL | __GFP_ZERO); + if (!dst_cache->cache) + return -ENOMEM; + + dst_cache_input_reset_now(dst_cache); + return 0; +} + +static void __net_exit dst_cache_input_net_exit(struct net *net) +{ + struct dst_cache *dst_cache = net_generic(net, dst_cache_net_id); + + dst_cache_input_reset_now(dst_cache); + free_percpu(dst_cache->cache); + dst_cache->cache = NULL; +} + +static bool idst_empty(struct dst_cache_pcpu *idst) +{ + return idst->key == INVALID_DST_CACHE_INPUT_KEY; +} + +void dst_cache_input_add(struct dst_cache *dst_cache, const struct sk_buff *skb) +{ + struct dst_cache_pcpu *entry = NULL; + struct dst_cache_pcpu *pcpu_cache; + struct dst_cache_pcpu *idst; + u32 hash; + u64 key; + + pcpu_cache = this_cpu_ptr(dst_cache->cache); + key = create_dst_cache_key_ip4(skb); + hash = hash_dst_cache_key(key); + idst_for_each_in_bucket(idst, pcpu_cache, hash) { + if (idst_empty(idst)) { + entry = idst; + goto add_to_cache; + } + if (!entry || time_before(idst->refresh_ts, entry->refresh_ts)) + entry = idst; + } + +add_to_cache: + dst_cache_input_set(entry, skb_dst(skb), key); +} + +static struct pernet_operations dst_cache_input_ops __net_initdata = { + .init = dst_cache_input_net_init, + .exit = dst_cache_input_net_exit, + .id = &dst_cache_net_id, + .size = sizeof(struct dst_cache), +}; + +int __init dst_cache_input_init(void) +{ + return register_pernet_subsys(&dst_cache_input_ops); +} +subsys_initcall(dst_cache_input_init); From patchwork Mon Feb 12 11:34:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leone Fernando X-Patchwork-Id: 13552976 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-lf1-f65.google.com (mail-lf1-f65.google.com [209.85.167.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 207A238FB0; Mon, 12 Feb 2024 11:35:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.65 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707737728; cv=none; b=ECnZMpeFUkCcCFo1xFoWkj+f8fANQ0blXeTjRO9GGxCH7xS3JozVIKMNQ83yS0aC/U/cbOTo3Cdh3ltgpOpXRMYObEEbJXa8ciqMIKLofONmXYmqJnjQkIWTXWWeTcZdqsDRiah5OnLeAirFiTIXgilLbWRsjWDRlB81RMrBKPY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707737728; c=relaxed/simple; bh=ZJSyLgJ61nDMOcehRqEBFXo3jWlONyIZTqzQ93mmFDQ=; h=Message-ID:Date:MIME-Version:Subject:From:To:References: In-Reply-To:Content-Type; b=hhbUiGnIsBXGspp1Mm9MTR/sl6JKLpvT9snG3k0Dv8s3LC90EApsVEfcmG3t2TrbRdCn2neVCpdIkbmM2xMbG4RcHNxY4aZnlZbk0HE45ElY+U8ZSO+LwDxfvTQeasOlZ7IT/yMqiVZ+LT5XXyZ5B9uFkozOT4VOuyVQ0FANi+0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=f9xk1CHq; arc=none smtp.client-ip=209.85.167.65 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="f9xk1CHq" Received: by mail-lf1-f65.google.com with SMTP id 2adb3069b0e04-5114c05806eso4796806e87.1; Mon, 12 Feb 2024 03:35:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707737725; x=1708342525; darn=vger.kernel.org; h=content-transfer-encoding:in-reply-to:references:to:from :content-language:subject:mime-version:date:message-id:from:to:cc :subject:date:message-id:reply-to; bh=500hpU7ciKstMts7ME1z4g/cj3B8hAa7ln6Zs2/XYoA=; b=f9xk1CHquk/oG43cuEF2YAYafe8mFVNOOrN7hCMQJk3D0rhEAbc67mdlJFIyqhQhls h8NMM7aO+9zUdmz4ha4gzMZ3sVlPodbNUPm3l0D3UxW/TOeGfKH8KoKHgLmyIcQZEKwa 0Zcg4Gu/1giMhY8kDnSffHkzMfEVALp7zfLIb/1JwFUNQxkVHvbzOJvwS82x52AhBAjT 2QAP6RRni33C3tpp4ImOfLAPLdYO40JHUdLu4ibQTsFFUrsg53Dymnb4BeeFsOc9Qv7t 2JRLIUa7ic/adOTrO8asG5rrTgz5ydsA8fCjxcf3BFb9YpXfQ+vDXOA4qa2bCIx9q5np Z0xw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707737725; x=1708342525; h=content-transfer-encoding:in-reply-to:references:to:from :content-language:subject:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=500hpU7ciKstMts7ME1z4g/cj3B8hAa7ln6Zs2/XYoA=; b=uhFGp/zlSrxk91X6kE4G5EHwkV8i1Snp+fEFu8XhYVuzYwZSw6ow6zSM20XGy6e8zC MQahAfyrym3oYBtQgGCwMXCYriUJUiqia8YbN5KDmEq/QEAB4ymE76oSYZEFiWyRgCYw qnXJi4JX778P+mLoQgAcZtk2ylWjqG8uusvmiehwxxZH78hBSn8H/81NC6FYwzFSAvHO lCMKSVoFS1AbaYUOtXKlvujYAtAMvSxXb6F4erYsO/kk2mfS9OB2OU84ZMr+o5OHE54r Oo3IdPeJfUDj+4+wnlfL6ePmPx3aXqYoFebNWtUGYF+ql/ayDwA3Z1WR2mb418n5mq3w TsUQ== X-Forwarded-Encrypted: i=1; AJvYcCVHZLd8PTrvzb7XZEeYOUBmxdyYXCdnXwhv0Jp37a/Z1XJKxuu3UgWSxvNlfiGAGvf5B3F83z8yYNtCxfgFszcGsw3gKq8yOyv3Tj0I4kWhoHZYUTVNlOx2LlD8/RayXUsZfLpY X-Gm-Message-State: AOJu0YzZMSCWYbhGFmXA7dngcexIf6lww8J/vVX8vaLlAWkFKyw5r7th QJ+Z9grO1wqmNF9cQK0aZUgwLnLRq3XJH6PiJYzILQaCFDpA6SL2 X-Google-Smtp-Source: AGHT+IFpUNu7JBK53C8guILQZxtsAyLk8WnpfH9BF4OYbl5iUfh/HGxaJH08+ixnH7gdiPlAaQi37Q== X-Received: by 2002:a05:6512:2035:b0:511:5653:16ae with SMTP id s21-20020a056512203500b00511565316aemr3826974lfs.42.1707737724901; Mon, 12 Feb 2024 03:35:24 -0800 (PST) X-Forwarded-Encrypted: i=1; AJvYcCUC+1Mo00QG71a+rUD67i+BEwwj7KGFAT5ux0lXrJZo6h2psbYW8vhlqnJA0urpsYBLP4f4H3Oopo50jmc3Y8uNRP5nAmRJ2JwqSqcKc6uZJyQaK8iBhkKmg+BfVVrTewsdlwcWv0U2Fw0D3D8T21kR5yh08soHDfJOeqATAggn9YbknNSgGC4OmqvvysVS28hSUmnfACGN0q7LqsEhpKWA+8UxAX4h0WcYPAUk+dLTm7I= Received: from localhost ([45.130.85.2]) by smtp.gmail.com with ESMTPSA id r17-20020a05600c35d100b004106c2278eesm8459064wmq.0.2024.02.12.03.35.09 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 12 Feb 2024 03:35:24 -0800 (PST) Message-ID: <484f2e68-a5d0-4ddb-9f7b-22acd95d4cce@gmail.com> Date: Mon, 12 Feb 2024 12:34:51 +0100 Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Subject: [RFC PATCH net-next v2 3/3] net: route: replace route hints with input_dst_cache Content-Language: en-US From: Leone Fernando To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org References: <3a17c86d-08a5-46d2-8622-abc13d4a411e@gmail.com> In-Reply-To: <3a17c86d-08a5-46d2-8622-abc13d4a411e@gmail.com> X-Patchwork-Delegate: kuba@kernel.org X-Patchwork-State: RFC Replace route hints with cached dsts - ip_rcv_finish_core will first try to use the cache and only then fall back to the demux or perform a full lookup. Only add newly found dsts to the cache after all the checks have passed successfully to avoid adding a dropped packet's dst to the cache. Multicast dsts are not added to the dst_cache as it will require additional checks and multicast packets are rarer and a slower path anyway. A check was added to ip_route_use_dst_cache that prevents forwarding packets received by devices for which forwarding is disabled. Signed-off-by: Leone Fernando --- include/net/route.h | 6 ++--- net/ipv4/ip_input.c | 58 ++++++++++++++++++++++++--------------------- net/ipv4/route.c | 36 +++++++++++++++++++++------- 3 files changed, 61 insertions(+), 39 deletions(-) diff --git a/include/net/route.h b/include/net/route.h index 980ab474eabd..a5a2f55947d6 100644 --- a/include/net/route.h +++ b/include/net/route.h @@ -189,9 +189,9 @@ int ip_mc_validate_source(struct sk_buff *skb, __be32 daddr, __be32 saddr, struct in_device *in_dev, u32 *itag); int ip_route_input_noref(struct sk_buff *skb, __be32 dst, __be32 src, u8 tos, struct net_device *devin); -int ip_route_use_hint(struct sk_buff *skb, __be32 dst, __be32 src, - u8 tos, struct net_device *devin, - const struct sk_buff *hint); +int ip_route_use_dst_cache(struct sk_buff *skb, __be32 daddr, __be32 saddr, + u8 tos, struct net_device *dev, + struct dst_entry *dst); static inline int ip_route_input(struct sk_buff *skb, __be32 dst, __be32 src, u8 tos, struct net_device *devin) diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c index 5e9c8156656a..35c8b122d62f 100644 --- a/net/ipv4/ip_input.c +++ b/net/ipv4/ip_input.c @@ -305,30 +305,44 @@ static inline bool ip_rcv_options(struct sk_buff *skb, struct net_device *dev) return true; } -static bool ip_can_use_hint(const struct sk_buff *skb, const struct iphdr *iph, - const struct sk_buff *hint) +static bool ip_can_add_dst_cache(struct sk_buff *skb, __u16 rt_type) { - return hint && !skb_dst(skb) && ip_hdr(hint)->daddr == iph->daddr && - ip_hdr(hint)->tos == iph->tos; + return skb_valid_dst(skb) && + rt_type != RTN_BROADCAST && + rt_type != RTN_MULTICAST && + !(IPCB(skb)->flags & IPSKB_MULTIPATH); +} + +static bool ip_can_use_dst_cache(const struct net *net, struct sk_buff *skb) +{ + return !skb_dst(skb) && !fib4_has_custom_rules(net); } int tcp_v4_early_demux(struct sk_buff *skb); int udp_v4_early_demux(struct sk_buff *skb); static int ip_rcv_finish_core(struct net *net, struct sock *sk, - struct sk_buff *skb, struct net_device *dev, - const struct sk_buff *hint) + struct sk_buff *skb, struct net_device *dev) { + struct dst_cache *dst_cache = net_generic(net, dst_cache_net_id); const struct iphdr *iph = ip_hdr(skb); + struct dst_entry *dst; int err, drop_reason; struct rtable *rt; + bool do_cache; drop_reason = SKB_DROP_REASON_NOT_SPECIFIED; - if (ip_can_use_hint(skb, iph, hint)) { - err = ip_route_use_hint(skb, iph->daddr, iph->saddr, iph->tos, - dev, hint); - if (unlikely(err)) - goto drop_error; + do_cache = ip_can_use_dst_cache(net, skb); + if (do_cache) { + dst = dst_cache_input_get_noref(dst_cache, skb); + if (dst) { + err = ip_route_use_dst_cache(skb, iph->daddr, + iph->saddr, iph->tos, + dev, dst); + if (unlikely(err)) + goto drop_error; + do_cache = false; + } } if (READ_ONCE(net->ipv4.sysctl_ip_early_demux) && @@ -418,6 +432,9 @@ static int ip_rcv_finish_core(struct net *net, struct sock *sk, } } + if (do_cache && ip_can_add_dst_cache(skb, rt->rt_type)) + dst_cache_input_add(dst_cache, skb); + return NET_RX_SUCCESS; drop: @@ -444,7 +461,7 @@ static int ip_rcv_finish(struct net *net, struct sock *sk, struct sk_buff *skb) if (!skb) return NET_RX_SUCCESS; - ret = ip_rcv_finish_core(net, sk, skb, dev, NULL); + ret = ip_rcv_finish_core(net, sk, skb, dev); if (ret != NET_RX_DROP) ret = dst_input(skb); return ret; @@ -581,21 +598,11 @@ static void ip_sublist_rcv_finish(struct list_head *head) } } -static struct sk_buff *ip_extract_route_hint(const struct net *net, - struct sk_buff *skb, int rt_type) -{ - if (fib4_has_custom_rules(net) || rt_type == RTN_BROADCAST || - IPCB(skb)->flags & IPSKB_MULTIPATH) - return NULL; - - return skb; -} - static void ip_list_rcv_finish(struct net *net, struct sock *sk, struct list_head *head) { - struct sk_buff *skb, *next, *hint = NULL; struct dst_entry *curr_dst = NULL; + struct sk_buff *skb, *next; struct list_head sublist; INIT_LIST_HEAD(&sublist); @@ -610,14 +617,11 @@ static void ip_list_rcv_finish(struct net *net, struct sock *sk, skb = l3mdev_ip_rcv(skb); if (!skb) continue; - if (ip_rcv_finish_core(net, sk, skb, dev, hint) == NET_RX_DROP) + if (ip_rcv_finish_core(net, sk, skb, dev) == NET_RX_DROP) continue; dst = skb_dst(skb); if (curr_dst != dst) { - hint = ip_extract_route_hint(net, skb, - ((struct rtable *)dst)->rt_type); - /* dispatch old sublist */ if (!list_empty(&sublist)) ip_sublist_rcv_finish(&sublist); diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 7c5e68117ee2..3f1977f9b25c 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -2157,14 +2157,14 @@ static int ip_mkroute_input(struct sk_buff *skb, /* Implements all the saddr-related checks as ip_route_input_slow(), * assuming daddr is valid and the destination is not a local broadcast one. - * Uses the provided hint instead of performing a route lookup. + * Uses the provided dst from dst_cache instead of performing a route lookup. */ -int ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, - u8 tos, struct net_device *dev, - const struct sk_buff *hint) +int ip_route_use_dst_cache(struct sk_buff *skb, __be32 daddr, __be32 saddr, + u8 tos, struct net_device *dev, + struct dst_entry *dst) { struct in_device *in_dev = __in_dev_get_rcu(dev); - struct rtable *rt = skb_rtable(hint); + struct rtable *rt = (struct rtable *)dst; struct net *net = dev_net(dev); int err = -EINVAL; u32 tag = 0; @@ -2178,21 +2178,39 @@ int ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, if (ipv4_is_loopback(saddr) && !IN_DEV_NET_ROUTE_LOCALNET(in_dev, net)) goto martian_source; - if (rt->rt_type != RTN_LOCAL) - goto skip_validate_source; + if (ipv4_is_loopback(daddr) && !IN_DEV_NET_ROUTE_LOCALNET(in_dev, net)) + goto martian_destination; + if (rt->rt_type != RTN_LOCAL) { + if (!IN_DEV_FORWARD(in_dev)) { + err = -EHOSTUNREACH; + goto out_err; + } + goto skip_validate_source; + } tos &= IPTOS_RT_MASK; err = fib_validate_source(skb, saddr, daddr, tos, 0, dev, in_dev, &tag); if (err < 0) goto martian_source; skip_validate_source: - skb_dst_copy(skb, hint); + skb_dst_set_noref(skb, dst); return 0; martian_source: ip_handle_martian_source(dev, in_dev, skb, daddr, saddr); +out_err: return err; + +martian_destination: + RT_CACHE_STAT_INC(in_martian_dst); +#ifdef CONFIG_IP_ROUTE_VERBOSE + if (IN_DEV_LOG_MARTIANS(in_dev)) + net_warn_ratelimited("martian destination %pI4 from %pI4, dev %s\n", + &daddr, &saddr, dev->name); +#endif + err = -EINVAL; + goto out_err; } /* get device for dst_alloc with local routes */ @@ -2213,7 +2231,7 @@ static struct net_device *ip_rt_get_dev(struct net *net, * addresses, because every properly looped back packet * must have correct destination already attached by output routine. * Changes in the enforced policies must be applied also to - * ip_route_use_hint(). + * ip_route_use_dst_cache(). * * Such approach solves two big problems: * 1. Not simplex devices are handled properly.