New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bpf: various datapath follow-up optimisations and fixes #11924
Conversation
The way set_dsr_opt4() inserts the IP option is rather inefficient as we have 2 csum_diff() and 2 ctx_store_bytes() calls. These can be avoided and reduced to once each which will shave off expensive calls in particular for the csum calculation. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Calling a helper for small-sized csum_diff() doesn't make sense and is expensive. Just do it inline in BPF instead. This helps performance on the load-balancer side in particular where we DNAT/SNAT IPv4. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
test-me-please |
da24547
to
5e36fa9
Compare
test-me-please |
retest-4.9 |
2 similar comments
retest-4.9 |
retest-4.9 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Diff looks big but almost 400LoC is just Linux bpf.h header updates, then another 50 is moving the same csum header code from one place to another.
I looked at the individual changes, they all look like pretty minor shuffling of code to reduce duplicate cases and reduce unnecessary initializations & calls from paths that wouldn't necessarily make use of the code being moved.
LGTM.
@borkmann why did 4.9 tests require restarts multiple times? |
Looks like in each of the cases it fails with |
retest-4.9 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Just one question.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One nit (not worth it if the PR is ready to go). LGTM otherwise!
I couldn't find anything that would explain the 4.9 failure, but that error doesn't seem to happen on master.
…ling Extend csum_diff() to handle the case where we have a prior seed, and compile out the SNAT to loopback entirely since we only ever need it in the bpf_lxc lb4_xlate() case (netdev lb is compiled with DISABLE_LOOPBACK_LB). Also, small change to reorder the tests on lb{4,6}_svc_is_nodeport() to test the more commonly used cases first. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Resync in order to get UAPI bits for [0] included. [0] https://lore.kernel.org/bpf/cover.1591108731.git.daniel@iogearbox.net/ Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
See also [0]. Fall back to passing in 0 flags for older kernels. We do not push/pop protocol headers but rather keep the same layers instead, therefore there is also no point in changing to csum_none. We can probe on csum_level() helper for this since both are needed if this gets ever backported somewhere. [0] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=836e66c218f355ec01ba57671c85abf32961dcea [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7cdec54f9713256bb170873a1fc5c75c9127c9d2 Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
5e36fa9
to
0935675
Compare
test-me-please |
@borkmann Did you find and fix the 4.9 issue with |
I bisected a change in my code and I had to undo one optimization, that is, to merge both csum updates into a single once since in one case it was called with pseduo-hdr flag and in the other case it was not (the port updates). With that fixed, CI went green here. |
See commit msgs for details. Needed in 1.8.0.