aboutsummaryrefslogtreecommitdiff
path: root/net/colo.h
AgeCommit message (Collapse)AuthorFilesLines
2022-09-02net/colo.c: Fix the pointer issue reported by Coverity.Zhang Chen1-0/+1
When enabled the virtio-net-pci, guest network packet will load the vnet_hdr. In COLO status, the primary VM's network packet maybe redirect to another VM, it needs filter-redirect enable the vnet_hdr flag at the same time, COLO-proxy will correctly parse the original network packet. If have any misconfiguration here, the vnet_hdr_len is wrong for parse the packet, the data+offset will point to wrong place. Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-11-03Optimized the function of fill_connection_key.Rao, Lei1-3/+3
Remove some unnecessary code to improve the performance of the filter-rewriter module. Signed-off-by: Lei Rao <lei.rao@intel.com> Reviewed-by: Zhang Chen <chen.zhang@intel.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@trasno.org>
2021-06-11Add a function named packet_new_nocopy for COLO.Rao, Lei1-0/+1
Use the packet_new_nocopy instead of packet_new in the filter-rewriter module. There will be one less memory copy in the processing of each network packet. Signed-off-by: Lei Rao <lei.rao@intel.com> Signed-off-by: Zhang Chen <chen.zhang@intel.com> Reviewed-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2020-06-18net/colo-compare.c: Fix deadlock in compare_chr_sendLukas Straub1-0/+1
The chr_out chardev is connected to a filter-redirector running in the main loop. qemu_chr_fe_write_all might block here in compare_chr_send if the (socket-)buffer is full. If another filter-redirector in the main loop want's to send data to chr_pri_in it might also block if the buffer is full. This leads to a deadlock because both event loops get blocked. Fix this by converting compare_chr_send to a coroutine and putting the packets in a send queue. Signed-off-by: Lukas Straub <lukasstraub2@web.de> Reviewed-by: Zhang Chen <chen.zhang@intel.com> Tested-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2019-05-13Clean up header guards that don't match their file nameMarkus Armbruster1-3/+3
Header guard symbols should match their file name to make guard collisions less likely. Cleaned up with scripts/clean-header-guards.pl, followed by some renaming of new guard symbols picked by the script to better ones. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20190315145123.28030-6-armbru@redhat.com> [Rebase to master: update include/hw/net/ne2000-isa.h]
2019-01-14net: do not depend on slirp internalsMarc-André Lureau1-4/+3
Only slirp/libslirp.h should be included. Instead of using some slirp declarations and utility functions directly, let's copy them in net/util.h. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2018-10-19filter-rewriter: handle checkpoint and failover eventZhang Chen1-0/+2
After one round of checkpoint, the states between PVM and SVM become consistent, so it is unnecessary to adjust the sequence of net packets for old connections, besides, while failover happens, filter-rewriter will into failover mode that needn't handle the new TCP connection. Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-10-19filter-rewriter: Add TCP state machine and fix memory leak in ↵Zhang Chen1-5/+4
connection_track_table We add almost full TCP state machine in filter-rewriter, except TCPS_LISTEN and some simplify in VM active close FIN states. The reason for this simplify job is because guest kernel will track the TCP status and wait 2MSL time too, if client resend the FIN packet, guest will resend the last ACK, so we needn't wait 2MSL time in filter-rewriter. After a net connection is closed, we didn't clear its related resources in connection_track_table, which will lead to memory leak. Let's track the state of net connection, if it is closed, its related resources will be cleared up. Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-01-29colo: compare the packet based on the tcp sequence numberMao Zhongyi1-0/+15
Packet size some time different or when network is busy. Based on same payload size, but TCP protocol can not guarantee send the same one packet in the same way, like that: We send this payload: ------------------------------ | header |1|2|3|4|5|6|7|8|9|0| ------------------------------ primary: ppkt1: ---------------- | header |1|2|3| ---------------- ppkt2: ------------------------ | header |4|5|6|7|8|9|0| ------------------------ secondary: spkt1: ------------------------------ | header |1|2|3|4|5|6|7|8|9|0| ------------------------------ In the original method, ppkt1 and ppkt2 are different in size and spkt1, so they can't compare and trigger the checkpoint. I have tested FTP get 200M and 1G file many times, I found that the performance was less than 1% of the native. Now I reconstructed the comparison of TCP packets based on the TCP sequence number. first of all, ppkt1 and spkt1 have the same starting sequence number, so they can compare, even though their length is different. And then ppkt1 with a smaller payload length is used as the comparison length, if the payload is same, send out the ppkt1 and record the offset(the length of ppkt1 payload) in spkt1. The next comparison, ppkt2 and spkt1 can be compared from the recorded position of spkt1. like that: ---------------- | header |1|2|3| ppkt1 ---------|-----| | | ---------v-----v-------------- | header |1|2|3|4|5|6|7|8|9|0| spkt1 ---------------|\------------| | \offset | ---------v-------------v | header |4|5|6|7|8|9|0| ppkt2 ------------------------ In this way, the performance can reach native 20% in my multiple tests. Cc: Zhang Chen <zhangckid@gmail.com> Cc: Li Zhijian <lizhijian@cn.fujitsu.com> Cc: Jason Wang <jasowang@redhat.com> Signed-off-by: Mao Zhongyi <maozy.fnst@cn.fujitsu.com> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com> Signed-off-by: Zhang Chen <zhangckid@gmail.com> Reviewed-by: Zhang Chen <zhangckid@gmail.com> Tested-by: Zhang Chen <zhangckid@gmail.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-11-13colo: Consolidate the duplicate code chunk into a routineMao Zhongyi1-0/+1
Consolidate the code that extract the ip address(src,dst) and port number(src,dst) of the packet into a separate routine extract_ip_and_port() since the same chunk of code is called from two place. Cc: Zhang Chen <zhangckid@gmail.com> Cc: Li Zhijian <lizhijian@cn.fujitsu.com> Cc: Jason Wang <jasowang@redhat.com> Signed-off-by: Mao Zhongyi <maozy.fnst@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-07-17net/colo.c: Make vnet_hdr_len as packet propertyZhang Chen1-1/+3
We can use this property flush and send packet with vnet_hdr_len. Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2016-09-27filter-rewriter: rewrite tcp packet to keep secondary connectionZhang Chen1-0/+7
We will rewrite tcp packet secondary received and sent. When colo guest is a tcp server. Firstly, client start a tcp handshake. the packet's seq=client_seq, ack=0,flag=SYN. COLO primary guest get this pkt and mirror(filter-mirror) to secondary guest, secondary get it use filter-redirector. Then,primary guest response pkt (seq=primary_seq,ack=client_seq+1,flag=ACK|SYN). secondary guest response pkt (seq=secondary_seq,ack=client_seq+1,flag=ACK|SYN). In here,we use filter-rewriter save the secondary_seq to it's tcp connection. Finally handshake,client send pkt (seq=client_seq+1,ack=primary_seq+1,flag=ACK). Here,filter-rewriter can get primary_seq, and rewrite ack from primary_seq+1 to secondary_seq+1, recalculate checksum. So the secondary tcp connection kept good. When we send/recv packet. client send pkt(seq=client_seq+1+data_len,ack=primary_seq+1,flag=ACK|PSH). filter-rewriter rewrite ack and send to secondary guest. primary guest response pkt (seq=primary_seq+1,ack=client_seq+1+data_len,flag=ACK) secondary guest response pkt (seq=secondary_seq+1,ack=client_seq+1+data_len,flag=ACK) we rewrite secondary guest seq from secondary_seq+1 to primary_seq+1. So tcp connection kept good. In code We use offset( = secondary_seq - primary_seq ) to rewrite seq or ack. handle_primary_tcp_pkt: tcp_pkt->th_ack += offset; handle_secondary_tcp_pkt: tcp_pkt->th_seq -= offset; Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com> Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2016-09-27filter-rewriter: track connection and parse packetZhang Chen1-0/+1
We use net/colo.h to track connection and parse packet Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com> Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2016-09-27colo-compare: introduce packet comparison threadZhang Chen1-0/+3
If primary packet is same with secondary packet, we will send primary packet and drop secondary packet, otherwise notify COLO frame to do checkpoint. If primary packet comes but secondary packet does not, after REGULAR_PACKET_CHECK_MS milliseconds we set the primary packet as old_packet,then do a checkpoint. Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com> Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2016-09-27colo-compare: track connection and enqueue packetZhang Chen1-0/+39
In this patch we use kernel jhash table to track connection, and then enqueue net packet like this: + CompareState ++ | | +---------------+ +---------------+ +---------------+ |conn list +--->conn +--------->conn | +---------------+ +---------------+ +---------------+ | | | | | | +---------------+ +---v----+ +---v----+ +---v----+ +---v----+ |primary | |secondary |primary | |secondary |packet | |packet + |packet | |packet + +--------+ +--------+ +--------+ +--------+ | | | | +---v----+ +---v----+ +---v----+ +---v----+ |primary | |secondary |primary | |secondary |packet | |packet + |packet | |packet + +--------+ +--------+ +--------+ +--------+ | | | | +---v----+ +---v----+ +---v----+ +---v----+ |primary | |secondary |primary | |secondary |packet | |packet + |packet | |packet + +--------+ +--------+ +--------+ +--------+ We use conn_list to record connection info. When we want to enqueue a packet, firstly get the connection from connection_track_table. then push the packet to g_queue(pri/sec) in it's own conn. Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com> Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2016-09-27Jhash: add linux kernel jhashtable in qemuZhang Chen1-0/+1
Jhash will be used by colo-compare and filter-rewriter to save and lookup net connection info Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com> Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2016-09-27net/colo.c: add colo.c to define and handle packetZhang Chen1-0/+37
The net/colo.c is used by colo-compare and filter-rewriter. this can share common data structure like net packet, and other functions. Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com> Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>