New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bpf: clean up IPv4 fragments support (and bpf/), add option for map size #10927
Conversation
Remove the CONDITIONAL_PREALLOC flag for the fragment tracking map: This is a LRU map which will not work without pre-allocating the space. Fixes: e65adc0 ("bpf: support IPv4 fragments for L4 load balancer key extraction") Signed-off-by: Quentin Monnet <quentin@isovalent.com>
Support for IPv4 was recently introduced, but a few possible improvements were raised after the merge (see #10264). Let's fix them. Signed-off-by: Quentin Monnet <quentin@isovalent.com>
72474b5
to
870333c
Compare
Add an option to pass a size (number of entries) for the LRU map backing fragment tracking. Default to the current value, 8192. Signed-off-by: Quentin Monnet <quentin@isovalent.com>
The use of preprocessor conditions on definitions is not consistent throughout the bpf/ directory. Several forms are used: - #ifdef foo = #if defined foo = #if defined(foo) Harmonise it: - Use #ifdef if possible (only one check) - Use #if defined(foo) everywhere else Signed-off-by: Quentin Monnet <quentin@isovalent.com>
The former is easier on the eyes, let's switch all occurrences under the bpf/ directory (except for bpf/include/linux/) Signed-off-by: Quentin Monnet <quentin@isovalent.com>
870333c
to
b4f4773
Compare
test-me-please |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the BPF-wide cleanups! I have a couple minor comments below.
struct bpf_elf_map __section_maps IPV4_FRAG_DATAGRAMS_MAP = { | ||
.type = BPF_MAP_TYPE_LRU_HASH, | ||
.size_key = sizeof(struct ipv4_frag_id), | ||
.size_value = sizeof(struct ipv4_frag_l4ports), | ||
.pinning = PIN_GLOBAL_NS, | ||
.max_elem = CILIUM_IPV4_FRAG_MAP_MAX_ENTRIES, | ||
.flags = CONDITIONAL_PREALLOC, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could this also be the fix for #10925?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems likely. The -ENOTSUPP
returned would be consistent.
@pchaigno All the nits you pointed out on the tunable option are because I based the changes on the existing option for policy map size. I'm unsure whether to stay close to the code of the existing option or to fix according to your suggestions. (Thanks a lot for the review!) |
Thanks for the cleanups, look good. Agree with both of you. Could we get @pchaigno's feedback addressed but then also for the other options to make them consistent with each other? That would be great, thanks! |
As a follow-up to IPv4 fragmentation cleanup (#10927), improve the way we handle configuration for the maximum number of entries in policy map and fragment-tracking map. Functional change: When the option passed by the user is outside of the limits used for policy map (upper/lower) or fragmap (upper), fall back to the limit and print a warning instead of stopping with an error. Move such "limits" to package "defaults" (We cannot move them to the respective map packages, as those cannot be imported from "config"). Remove unnecessary InitMapInfo() for fragmap. Keep it for policy map, because passing the size at map creation and removing this function would mean: - Updating the list of arguments passed to Open(), OpenAndCreate(), Create() and pass the size (option.Config.PolicyMapMaxEntries) each time, which seems verbose and not really useful. We cannot import the "option" package in "policy" to use the option just once in newMap(). - Making sure that policymap.MaxEntries is never called from other packages before the map is created. This is probably not the case so we do want to set the size before map creation. Signed-off-by: Quentin Monnet <quentin@isovalent.com>
As a follow-up to IPv4 fragmentation cleanup (#10927), clean-up configuration for the maximum number of entries in policy map and fragment-tracking map. Remove unnecessary InitMapInfo() for fragmap. Keep it for policy map, because passing the size at map creation and removing this function would mean: - Updating the list of arguments passed to Open(), OpenAndCreate(), Create() and pass the size (option.Config.PolicyMapEntries) each time, which seems verbose and not really useful. We cannot import the "option" package in "policy" to use the option just once in newMap(). - Making sure that policymap.MaxEntries is never called from other packages before the map is created. This is probably not the case so we do want to set the size before map creation. Initialise policymap.MaxEntries to defaults.PolicyMapEntries. Theoretically we don't have to initialise it because it is overwritten by InitMapInfo() before use, but the unit tests do not call InitMapInfo() and rely a non-zero value to successfully create a map (eppolicymap unit tests also use the value but does not care about map creation being successful). Signed-off-by: Quentin Monnet <quentin@isovalent.com>
As a follow-up to IPv4 fragmentation cleanup (#10927), clean-up configuration for the maximum number of entries in policy map and fragment-tracking map. Remove unnecessary InitMapInfo() for fragmap. Keep it for policy map, because passing the size at map creation and removing this function would mean: - Updating the list of arguments passed to Open(), OpenAndCreate(), Create() and pass the size (option.Config.PolicyMapEntries) each time, which seems verbose and not really useful. We cannot import the "option" package in "policy" to use the option just once in newMap(). - Making sure that policymap.MaxEntries is never called from other packages before the map is created. This is probably not the case so we do want to set the size before map creation. Initialise policymap.MaxEntries to defaults.PolicyMapEntries. Theoretically we don't have to initialise it because it is overwritten by InitMapInfo() before use, but the unit tests do not call InitMapInfo() and rely a non-zero value to successfully create a map (eppolicymap unit tests also use the value but does not care about map creation being successful). Signed-off-by: Quentin Monnet <quentin@isovalent.com>
As a follow-up to IPv4 fragmentation cleanup (#10927), clean-up configuration for the maximum number of entries in policy map and fragment-tracking map. Remove unnecessary InitMapInfo() for fragmap. Keep it for policy map, because passing the size at map creation and removing this function would mean: - Updating the list of arguments passed to Open(), OpenAndCreate(), Create() and pass the size (option.Config.PolicyMapEntries) each time, which seems verbose and not really useful. We cannot import the "option" package in "policy" to use the option just once in newMap(). - Making sure that policymap.MaxEntries is never called from other packages before the map is created. This is probably not the case so we do want to set the size before map creation. Initialise policymap.MaxEntries to defaults.PolicyMapEntries. Theoretically we don't have to initialise it because it is overwritten by InitMapInfo() before use, but the unit tests do not call InitMapInfo() and rely a non-zero value to successfully create a map (eppolicymap unit tests also use the value but does not care about map creation being successful). Signed-off-by: Quentin Monnet <quentin@isovalent.com>
Support for IPv4 was recently introduced, but a few possible improvements were raised after the merge (see #10264). Let's fix them.
One in particular, the removal of the
CONDITIONAL_PREALLOC
flag for the fragment tracking map, is a minor bug fix (this is a LRU map which will not work without pre-allocating the space). Labelling PR as bug because of it, but other commits are not bugfixes so I'm unsure this is the thing to do.Other fixes include:
bpf/
-wide cleanup for__attribute__((packed))
->__packed
bpf/
-wide cleanup for#if defined(foo)
Please refer to individual commit logs for details.