diff options
| author | David S. Miller <davem@davemloft.net> | 2017-01-09 04:59:03 +0300 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2017-01-09 04:59:03 +0300 |
| commit | 4289e60cb056ccae4311197d8a4a798aca0f8e55 (patch) | |
| tree | 2a40cf0584931cbc96185814f8d922fd4f363f00 /include/uapi | |
| parent | 29b84f20e2c59317db133d5dab96bbf500714227 (diff) | |
| parent | bc31c905e946b5c55df5d2938335e78ffb3157ca (diff) | |
| download | linux-4289e60cb056ccae4311197d8a4a798aca0f8e55.tar.xz | |
Merge branch 'tc-skb-diet'
Willem de Bruijn says:
====================
convert tc_verd to integer bitfields
The skb tc_verd field takes up two bytes but uses far fewer bits.
Convert the remaining use cases to bitfields that fit in existing
holes (depending on config options) and potentially save the two
bytes in struct sk_buff.
This patchset is based on an earlier set by Florian Westphal and its
discussion (http://www.spinics.net/lists/netdev/msg329181.html).
Patches 1 and 2 are low hanging fruit: removing the last traces of
data that are no longer stored in tc_verd.
Patches 3 and 4 convert tc_verd to individual bitfields (5 bits).
Patch 5 reduces TC_AT to a single bitfield,
as AT_STACK is not valid here (unlike in the case of TC_FROM).
Patch 6 changes TC_FROM to two bitfields with clearly defined purpose.
It may be possible to reduce storage further after this initial round.
If tc_skip_classify is set only by IFB, testing skb_iif may suffice.
The L2 header pushing/popping logic can perhaps be shared with
AF_PACKET, which currently not pkt_type for the same purpose.
Changes:
RFC -> v1
- (patch 3): remove no longer needed label in tfc_action_exec
- (patch 5): set tc_at_ingress at the same points as existing
SET_TC_AT calls
Tested ingress mirred + netem + ifb:
ip link set dev ifb0 up
tc qdisc add dev eth0 ingress
tc filter add dev eth0 parent ffff: \
u32 match ip dport 8000 0xffff \
action mirred egress redirect dev ifb0
tc qdisc add dev ifb0 root netem delay 1000ms
nc -u -l 8000 &
ssh $otherhost nc -u $host 8000
Tested egress mirred:
ip link add veth1 type veth peer name veth2
ip link set dev veth1 up
ip link set dev veth2 up
tcpdump -n -i veth2 udp and dst port 8000 &
tc qdisc add dev eth0 root handle 1: prio
tc filter add dev eth0 parent 1:0 \
u32 match ip dport 8000 0xffff \
action mirred egress redirect dev veth1
tc qdisc add dev veth1 root netem delay 1000ms
nc -u $otherhost 8000
Tested ingress mirred:
ip link add veth1 type veth peer name veth2
ip link add veth3 type veth peer name veth4
ip netns add ns0
ip netns add ns1
for i in 1 2 3 4; do \
NS=ns$((${i}%2)); \
ip link set dev veth${i} netns ${NS}; \
ip netns exec ${NS} \
ip addr add dev veth${i} 192.168.1.${i}/24; \
ip netns exec ${NS} \
ip link set dev veth${i} up; \
done
ip netns exec ns0 tc qdisc add dev veth2 ingress
ip netns exec ns0 \
tc filter add dev veth2 parent ffff: \
u32 match ip dport 8000 0xffff \
action mirred ingress redirect dev veth4
ip netns exec ns0 \
tcpdump -n -i veth4 udp and dst port 8000 &
ip netns exec ns1 \
nc -u 192.168.1.2 8000
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/uapi')
| -rw-r--r-- | include/uapi/linux/pkt_cls.h | 55 |
1 files changed, 0 insertions, 55 deletions
diff --git a/include/uapi/linux/pkt_cls.h b/include/uapi/linux/pkt_cls.h index cb4bcdc58543..a081efbd61a2 100644 --- a/include/uapi/linux/pkt_cls.h +++ b/include/uapi/linux/pkt_cls.h @@ -4,61 +4,6 @@ #include <linux/types.h> #include <linux/pkt_sched.h> -#ifdef __KERNEL__ -/* I think i could have done better macros ; for now this is stolen from - * some arch/mips code - jhs -*/ -#define _TC_MAKE32(x) ((x)) - -#define _TC_MAKEMASK1(n) (_TC_MAKE32(1) << _TC_MAKE32(n)) -#define _TC_MAKEMASK(v,n) (_TC_MAKE32((_TC_MAKE32(1)<<(v))-1) << _TC_MAKE32(n)) -#define _TC_MAKEVALUE(v,n) (_TC_MAKE32(v) << _TC_MAKE32(n)) -#define _TC_GETVALUE(v,n,m) ((_TC_MAKE32(v) & _TC_MAKE32(m)) >> _TC_MAKE32(n)) - -/* verdict bit breakdown - * -bit 0: when set -> this packet has been munged already - -bit 1: when set -> It is ok to munge this packet - -bit 2,3,4,5: Reclassify counter - sort of reverse TTL - if exceeded -assume loop - -bit 6,7: Where this packet was last seen -0: Above the transmit example at the socket level -1: on the Ingress -2: on the Egress - -bit 8: when set --> Request not to classify on ingress. - -bits 9,10,11: redirect counter - redirect TTL. Loop avoidance - - * - * */ - -#define S_TC_FROM _TC_MAKE32(6) -#define M_TC_FROM _TC_MAKEMASK(2,S_TC_FROM) -#define G_TC_FROM(x) _TC_GETVALUE(x,S_TC_FROM,M_TC_FROM) -#define V_TC_FROM(x) _TC_MAKEVALUE(x,S_TC_FROM) -#define SET_TC_FROM(v,n) ((V_TC_FROM(n)) | (v & ~M_TC_FROM)) -#define AT_STACK 0x0 -#define AT_INGRESS 0x1 -#define AT_EGRESS 0x2 - -#define TC_NCLS _TC_MAKEMASK1(8) -#define SET_TC_NCLS(v) ( TC_NCLS | (v & ~TC_NCLS)) -#define CLR_TC_NCLS(v) ( v & ~TC_NCLS) - -#define S_TC_AT _TC_MAKE32(12) -#define M_TC_AT _TC_MAKEMASK(2,S_TC_AT) -#define G_TC_AT(x) _TC_GETVALUE(x,S_TC_AT,M_TC_AT) -#define V_TC_AT(x) _TC_MAKEVALUE(x,S_TC_AT) -#define SET_TC_AT(v,n) ((V_TC_AT(n)) | (v & ~M_TC_AT)) - -#define MAX_REC_LOOP 4 -#define MAX_RED_LOOP 4 -#endif - /* Action attributes */ enum { TCA_ACT_UNSPEC, |