X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=lib%2Fnetlink-socket.c;h=e4cc4ad62810cd5520ea1d3518c295b2ecd9f118;hb=c5cf10598f8c9f4428291e9df3ecd72a05fb1ccf;hp=2d2aa29db9a4b253ae78394360b584e40d6240dc;hpb=2a477244f7479055bca01450eb61ae553a5108a4;p=sliver-openvswitch.git diff --git a/lib/netlink-socket.c b/lib/netlink-socket.c index 2d2aa29db..e4cc4ad62 100644 --- a/lib/netlink-socket.c +++ b/lib/netlink-socket.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2009, 2010, 2011 Nicira Networks. + * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014 Nicira, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,11 +16,11 @@ #include #include "netlink-socket.h" -#include #include #include #include #include +#include #include #include "coverage.h" #include "dynamic-string.h" @@ -29,9 +29,11 @@ #include "netlink.h" #include "netlink-protocol.h" #include "ofpbuf.h" +#include "ovs-thread.h" #include "poll-loop.h" +#include "seq.h" #include "socket-util.h" -#include "stress.h" +#include "util.h" #include "vlog.h" VLOG_DEFINE_THIS_MODULE(netlink_socket); @@ -39,7 +41,6 @@ VLOG_DEFINE_THIS_MODULE(netlink_socket); COVERAGE_DEFINE(netlink_overflow); COVERAGE_DEFINE(netlink_received); COVERAGE_DEFINE(netlink_recv_jumbo); -COVERAGE_DEFINE(netlink_send); COVERAGE_DEFINE(netlink_sent); /* Linux header file confusion causes this to be undefined. */ @@ -52,77 +53,118 @@ COVERAGE_DEFINE(netlink_sent); * information. Also, at high logging levels we log *all* Netlink messages. */ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(60, 600); +static uint32_t nl_sock_allocate_seq(struct nl_sock *, unsigned int n); static void log_nlmsg(const char *function, int error, const void *message, size_t size, int protocol); /* Netlink sockets. */ -struct nl_sock -{ +struct nl_sock { int fd; + uint32_t next_seq; uint32_t pid; int protocol; - bool any_groups; - struct nl_dump *dump; + unsigned int rcvbuf; /* Receive buffer size (SO_RCVBUF). */ }; -static int alloc_pid(uint32_t *); -static void free_pid(uint32_t); -static int nl_sock_cow__(struct nl_sock *); +/* Compile-time limit on iovecs, so that we can allocate a maximum-size array + * of iovecs on the stack. */ +#define MAX_IOVS 128 + +/* Maximum number of iovecs that may be passed to sendmsg, capped at a + * minimum of _XOPEN_IOV_MAX (16) and a maximum of MAX_IOVS. + * + * Initialized by nl_sock_create(). */ +static int max_iovs; + +static int nl_pool_alloc(int protocol, struct nl_sock **sockp); +static void nl_pool_release(struct nl_sock *); /* Creates a new netlink socket for the given netlink 'protocol' * (NETLINK_ROUTE, NETLINK_GENERIC, ...). Returns 0 and sets '*sockp' to the - * new socket if successful, otherwise returns a positive errno value. */ + * new socket if successful, otherwise returns a positive errno value. */ int nl_sock_create(int protocol, struct nl_sock **sockp) { + static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER; struct nl_sock *sock; struct sockaddr_nl local, remote; + socklen_t local_size; + int rcvbuf; int retval = 0; - *sockp = NULL; - sock = malloc(sizeof *sock); - if (sock == NULL) { - return ENOMEM; + if (ovsthread_once_start(&once)) { + int save_errno = errno; + errno = 0; + + max_iovs = sysconf(_SC_UIO_MAXIOV); + if (max_iovs < _XOPEN_IOV_MAX) { + if (max_iovs == -1 && errno) { + VLOG_WARN("sysconf(_SC_UIO_MAXIOV): %s", ovs_strerror(errno)); + } + max_iovs = _XOPEN_IOV_MAX; + } else if (max_iovs > MAX_IOVS) { + max_iovs = MAX_IOVS; + } + + errno = save_errno; + ovsthread_once_done(&once); } + *sockp = NULL; + sock = xmalloc(sizeof *sock); + sock->fd = socket(AF_NETLINK, SOCK_RAW, protocol); if (sock->fd < 0) { - VLOG_ERR("fcntl: %s", strerror(errno)); + VLOG_ERR("fcntl: %s", ovs_strerror(errno)); goto error; } sock->protocol = protocol; - sock->any_groups = false; - sock->dump = NULL; - - retval = alloc_pid(&sock->pid); - if (retval) { - goto error; + sock->next_seq = 1; + + rcvbuf = 1024 * 1024; + if (setsockopt(sock->fd, SOL_SOCKET, SO_RCVBUFFORCE, + &rcvbuf, sizeof rcvbuf)) { + /* Only root can use SO_RCVBUFFORCE. Everyone else gets EPERM. + * Warn only if the failure is therefore unexpected. */ + if (errno != EPERM) { + VLOG_WARN_RL(&rl, "setting %d-byte socket receive buffer failed " + "(%s)", rcvbuf, ovs_strerror(errno)); + } } - /* Bind local address as our selected pid. */ - memset(&local, 0, sizeof local); - local.nl_family = AF_NETLINK; - local.nl_pid = sock->pid; - if (bind(sock->fd, (struct sockaddr *) &local, sizeof local) < 0) { - VLOG_ERR("bind(%"PRIu32"): %s", sock->pid, strerror(errno)); - goto error_free_pid; + retval = get_socket_rcvbuf(sock->fd); + if (retval < 0) { + retval = -retval; + goto error; } + sock->rcvbuf = retval; - /* Bind remote address as the kernel (pid 0). */ + /* Connect to kernel (pid 0) as remote address. */ memset(&remote, 0, sizeof remote); remote.nl_family = AF_NETLINK; remote.nl_pid = 0; if (connect(sock->fd, (struct sockaddr *) &remote, sizeof remote) < 0) { - VLOG_ERR("connect(0): %s", strerror(errno)); - goto error_free_pid; + VLOG_ERR("connect(0): %s", ovs_strerror(errno)); + goto error; } + /* Obtain pid assigned by kernel. */ + local_size = sizeof local; + if (getsockname(sock->fd, (struct sockaddr *) &local, &local_size) < 0) { + VLOG_ERR("getsockname: %s", ovs_strerror(errno)); + goto error; + } + if (local_size < sizeof local || local.nl_family != AF_NETLINK) { + VLOG_ERR("getsockname returned bad Netlink name"); + retval = EINVAL; + goto error; + } + sock->pid = local.nl_pid; + *sockp = sock; return 0; -error_free_pid: - free_pid(sock->pid); error: if (retval == 0) { retval = errno; @@ -151,19 +193,18 @@ void nl_sock_destroy(struct nl_sock *sock) { if (sock) { - if (sock->dump) { - sock->dump = NULL; - } else { - close(sock->fd); - free_pid(sock->pid); - free(sock); - } + close(sock->fd); + free(sock); } } /* Tries to add 'sock' as a listener for 'multicast_group'. Returns 0 if * successful, otherwise a positive errno value. * + * A socket that is subscribed to a multicast group that receives asynchronous + * notifications must not be used for Netlink transactions or dumps, because + * transactions and dumps can cause notifications to be lost. + * * Multicast group numbers are always positive. * * It is not an error to attempt to join a multicast group to which a socket @@ -171,17 +212,12 @@ nl_sock_destroy(struct nl_sock *sock) int nl_sock_join_mcgroup(struct nl_sock *sock, unsigned int multicast_group) { - int error = nl_sock_cow__(sock); - if (error) { - return error; - } if (setsockopt(sock->fd, SOL_NETLINK, NETLINK_ADD_MEMBERSHIP, &multicast_group, sizeof multicast_group) < 0) { VLOG_WARN("could not join multicast group %u (%s)", - multicast_group, strerror(errno)); + multicast_group, ovs_strerror(errno)); return errno; } - sock->any_groups = true; return 0; } @@ -198,30 +234,31 @@ nl_sock_join_mcgroup(struct nl_sock *sock, unsigned int multicast_group) int nl_sock_leave_mcgroup(struct nl_sock *sock, unsigned int multicast_group) { - assert(!sock->dump); if (setsockopt(sock->fd, SOL_NETLINK, NETLINK_DROP_MEMBERSHIP, &multicast_group, sizeof multicast_group) < 0) { VLOG_WARN("could not leave multicast group %u (%s)", - multicast_group, strerror(errno)); + multicast_group, ovs_strerror(errno)); return errno; } return 0; } static int -nl_sock_send__(struct nl_sock *sock, const struct ofpbuf *msg, bool wait) +nl_sock_send__(struct nl_sock *sock, const struct ofpbuf *msg, + uint32_t nlmsg_seq, bool wait) { struct nlmsghdr *nlmsg = nl_msg_nlmsghdr(msg); int error; - nlmsg->nlmsg_len = msg->size; + nlmsg->nlmsg_len = ofpbuf_size(msg); + nlmsg->nlmsg_seq = nlmsg_seq; nlmsg->nlmsg_pid = sock->pid; do { int retval; - retval = send(sock->fd, msg->data, msg->size, wait ? 0 : MSG_DONTWAIT); + retval = send(sock->fd, ofpbuf_data(msg), ofpbuf_size(msg), wait ? 0 : MSG_DONTWAIT); error = retval < 0 ? errno : 0; } while (error == EINTR); - log_nlmsg(__func__, error, msg->data, msg->size, sock->protocol); + log_nlmsg(__func__, error, ofpbuf_data(msg), ofpbuf_size(msg), sock->protocol); if (!error) { COVERAGE_INC(netlink_sent); } @@ -229,8 +266,9 @@ nl_sock_send__(struct nl_sock *sock, const struct ofpbuf *msg, bool wait) } /* Tries to send 'msg', which must contain a Netlink message, to the kernel on - * 'sock'. nlmsg_len in 'msg' will be finalized to match msg->size, and - * nlmsg_pid will be set to 'sock''s pid, before the message is sent. + * 'sock'. nlmsg_len in 'msg' will be finalized to match ofpbuf_size(msg), nlmsg_pid + * will be set to 'sock''s pid, and nlmsg_seq will be initialized to a fresh + * sequence number, before the message is sent. * * Returns 0 if successful, otherwise a positive errno value. If * 'wait' is true, then the send will wait until buffer space is ready; @@ -238,49 +276,48 @@ nl_sock_send__(struct nl_sock *sock, const struct ofpbuf *msg, bool wait) int nl_sock_send(struct nl_sock *sock, const struct ofpbuf *msg, bool wait) { - int error = nl_sock_cow__(sock); - if (error) { - return error; - } - return nl_sock_send__(sock, msg, wait); + return nl_sock_send_seq(sock, msg, nl_sock_allocate_seq(sock, 1), wait); } -/* This stress option is useful for testing that OVS properly tolerates - * -ENOBUFS on NetLink sockets. Such errors are unavoidable because they can - * occur if the kernel cannot temporarily allocate enough GFP_ATOMIC memory to - * reply to a request. They can also occur if messages arrive on a multicast - * channel faster than OVS can process them. */ -STRESS_OPTION( - netlink_overflow, "simulate netlink socket receive buffer overflow", - 5, 1, -1, 100); +/* Tries to send 'msg', which must contain a Netlink message, to the kernel on + * 'sock'. nlmsg_len in 'msg' will be finalized to match ofpbuf_size(msg), nlmsg_pid + * will be set to 'sock''s pid, and nlmsg_seq will be initialized to + * 'nlmsg_seq', before the message is sent. + * + * Returns 0 if successful, otherwise a positive errno value. If + * 'wait' is true, then the send will wait until buffer space is ready; + * otherwise, returns EAGAIN if the 'sock' send buffer is full. + * + * This function is suitable for sending a reply to a request that was received + * with sequence number 'nlmsg_seq'. Otherwise, use nl_sock_send() instead. */ +int +nl_sock_send_seq(struct nl_sock *sock, const struct ofpbuf *msg, + uint32_t nlmsg_seq, bool wait) +{ + return nl_sock_send__(sock, msg, nlmsg_seq, wait); +} static int -nl_sock_recv__(struct nl_sock *sock, struct ofpbuf **bufp, bool wait) -{ - /* We can't accurately predict the size of the data to be received. Most - * received data will fit in a 2 kB buffer, so we allocate that much space. - * In case the data is actually bigger than that, we make available enough - * additional space to allow Netlink messages to be up to 64 kB long (a - * reasonable figure since that's the maximum length of a Netlink - * attribute). */ - enum { MAX_SIZE = 65536 }; - enum { HEAD_SIZE = 2048 }; - enum { TAIL_SIZE = MAX_SIZE - HEAD_SIZE }; - +nl_sock_recv__(struct nl_sock *sock, struct ofpbuf *buf, bool wait) +{ + /* We can't accurately predict the size of the data to be received. The + * caller is supposed to have allocated enough space in 'buf' to handle the + * "typical" case. To handle exceptions, we make available enough space in + * 'tail' to allow Netlink messages to be up to 64 kB long (a reasonable + * figure since that's the maximum length of a Netlink attribute). */ struct nlmsghdr *nlmsghdr; - uint8_t tail[TAIL_SIZE]; + uint8_t tail[65536]; struct iovec iov[2]; - struct ofpbuf *buf; struct msghdr msg; ssize_t retval; - *bufp = NULL; + ovs_assert(buf->allocated >= sizeof *nlmsghdr); + ofpbuf_clear(buf); - buf = ofpbuf_new(HEAD_SIZE); - iov[0].iov_base = buf->data; - iov[0].iov_len = HEAD_SIZE; + iov[0].iov_base = ofpbuf_base(buf); + iov[0].iov_len = buf->allocated; iov[1].iov_base = tail; - iov[1].iov_len = TAIL_SIZE; + iov[1].iov_len = sizeof tail; memset(&msg, 0, sizeof msg); msg.msg_iov = iov; @@ -297,60 +334,270 @@ nl_sock_recv__(struct nl_sock *sock, struct ofpbuf **bufp, bool wait) * the kernel tried to send to us. */ COVERAGE_INC(netlink_overflow); } - ofpbuf_delete(buf); return error; } if (msg.msg_flags & MSG_TRUNC) { - VLOG_ERR_RL(&rl, "truncated message (longer than %d bytes)", MAX_SIZE); - ofpbuf_delete(buf); + VLOG_ERR_RL(&rl, "truncated message (longer than %"PRIuSIZE" bytes)", + sizeof tail); return E2BIG; } - ofpbuf_put_uninit(buf, MIN(retval, HEAD_SIZE)); - if (retval > HEAD_SIZE) { - COVERAGE_INC(netlink_recv_jumbo); - ofpbuf_put(buf, tail, retval - HEAD_SIZE); - } - - nlmsghdr = buf->data; + nlmsghdr = ofpbuf_data(buf); if (retval < sizeof *nlmsghdr || nlmsghdr->nlmsg_len < sizeof *nlmsghdr || nlmsghdr->nlmsg_len > retval) { - VLOG_ERR_RL(&rl, "received invalid nlmsg (%zd bytes < %d)", - retval, NLMSG_HDRLEN); - ofpbuf_delete(buf); + VLOG_ERR_RL(&rl, "received invalid nlmsg (%"PRIuSIZE"d bytes < %"PRIuSIZE")", + retval, sizeof *nlmsghdr); return EPROTO; } - if (STRESS(netlink_overflow)) { - ofpbuf_delete(buf); - return ENOBUFS; + ofpbuf_set_size(buf, MIN(retval, buf->allocated)); + if (retval > buf->allocated) { + COVERAGE_INC(netlink_recv_jumbo); + ofpbuf_put(buf, tail, retval - buf->allocated); } - *bufp = buf; - log_nlmsg(__func__, 0, buf->data, buf->size, sock->protocol); + log_nlmsg(__func__, 0, ofpbuf_data(buf), ofpbuf_size(buf), sock->protocol); COVERAGE_INC(netlink_received); return 0; } -/* Tries to receive a netlink message from the kernel on 'sock'. If - * successful, stores the received message into '*bufp' and returns 0. The - * caller is responsible for destroying the message with ofpbuf_delete(). On - * failure, returns a positive errno value and stores a null pointer into - * '*bufp'. +/* Tries to receive a Netlink message from the kernel on 'sock' into 'buf'. If + * 'wait' is true, waits for a message to be ready. Otherwise, fails with + * EAGAIN if the 'sock' receive buffer is empty. + * + * The caller must have initialized 'buf' with an allocation of at least + * NLMSG_HDRLEN bytes. For best performance, the caller should allocate enough + * space for a "typical" message. * - * If 'wait' is true, nl_sock_recv waits for a message to be ready; otherwise, - * returns EAGAIN if the 'sock' receive buffer is empty. */ + * On success, returns 0 and replaces 'buf''s previous content by the received + * message. This function expands 'buf''s allocated memory, as necessary, to + * hold the actual size of the received message. + * + * On failure, returns a positive errno value and clears 'buf' to zero length. + * 'buf' retains its previous memory allocation. + * + * Regardless of success or failure, this function resets 'buf''s headroom to + * 0. */ int -nl_sock_recv(struct nl_sock *sock, struct ofpbuf **bufp, bool wait) +nl_sock_recv(struct nl_sock *sock, struct ofpbuf *buf, bool wait) { - int error = nl_sock_cow__(sock); + return nl_sock_recv__(sock, buf, wait); +} + +static void +nl_sock_record_errors__(struct nl_transaction **transactions, size_t n, + int error) +{ + size_t i; + + for (i = 0; i < n; i++) { + struct nl_transaction *txn = transactions[i]; + + txn->error = error; + if (txn->reply) { + ofpbuf_clear(txn->reply); + } + } +} + +static int +nl_sock_transact_multiple__(struct nl_sock *sock, + struct nl_transaction **transactions, size_t n, + size_t *done) +{ + uint64_t tmp_reply_stub[1024 / 8]; + struct nl_transaction tmp_txn; + struct ofpbuf tmp_reply; + + uint32_t base_seq; + struct iovec iovs[MAX_IOVS]; + struct msghdr msg; + int error; + int i; + + base_seq = nl_sock_allocate_seq(sock, n); + *done = 0; + for (i = 0; i < n; i++) { + struct nl_transaction *txn = transactions[i]; + struct nlmsghdr *nlmsg = nl_msg_nlmsghdr(txn->request); + + nlmsg->nlmsg_len = ofpbuf_size(txn->request); + nlmsg->nlmsg_seq = base_seq + i; + nlmsg->nlmsg_pid = sock->pid; + + iovs[i].iov_base = ofpbuf_data(txn->request); + iovs[i].iov_len = ofpbuf_size(txn->request); + } + + memset(&msg, 0, sizeof msg); + msg.msg_iov = iovs; + msg.msg_iovlen = n; + do { + error = sendmsg(sock->fd, &msg, 0) < 0 ? errno : 0; + } while (error == EINTR); + + for (i = 0; i < n; i++) { + struct nl_transaction *txn = transactions[i]; + + log_nlmsg(__func__, error, ofpbuf_data(txn->request), ofpbuf_size(txn->request), + sock->protocol); + } + if (!error) { + COVERAGE_ADD(netlink_sent, n); + } + if (error) { return error; } - return nl_sock_recv__(sock, bufp, wait); + + ofpbuf_use_stub(&tmp_reply, tmp_reply_stub, sizeof tmp_reply_stub); + tmp_txn.request = NULL; + tmp_txn.reply = &tmp_reply; + tmp_txn.error = 0; + while (n > 0) { + struct nl_transaction *buf_txn, *txn; + uint32_t seq; + + /* Find a transaction whose buffer we can use for receiving a reply. + * If no such transaction is left, use tmp_txn. */ + buf_txn = &tmp_txn; + for (i = 0; i < n; i++) { + if (transactions[i]->reply) { + buf_txn = transactions[i]; + break; + } + } + + /* Receive a reply. */ + error = nl_sock_recv__(sock, buf_txn->reply, false); + if (error) { + if (error == EAGAIN) { + nl_sock_record_errors__(transactions, n, 0); + *done += n; + error = 0; + } + break; + } + + /* Match the reply up with a transaction. */ + seq = nl_msg_nlmsghdr(buf_txn->reply)->nlmsg_seq; + if (seq < base_seq || seq >= base_seq + n) { + VLOG_DBG_RL(&rl, "ignoring unexpected seq %#"PRIx32, seq); + continue; + } + i = seq - base_seq; + txn = transactions[i]; + + /* Fill in the results for 'txn'. */ + if (nl_msg_nlmsgerr(buf_txn->reply, &txn->error)) { + if (txn->reply) { + ofpbuf_clear(txn->reply); + } + if (txn->error) { + VLOG_DBG_RL(&rl, "received NAK error=%d (%s)", + error, ovs_strerror(txn->error)); + } + } else { + txn->error = 0; + if (txn->reply && txn != buf_txn) { + /* Swap buffers. */ + struct ofpbuf *reply = buf_txn->reply; + buf_txn->reply = txn->reply; + txn->reply = reply; + } + } + + /* Fill in the results for transactions before 'txn'. (We have to do + * this after the results for 'txn' itself because of the buffer swap + * above.) */ + nl_sock_record_errors__(transactions, i, 0); + + /* Advance. */ + *done += i + 1; + transactions += i + 1; + n -= i + 1; + base_seq += i + 1; + } + ofpbuf_uninit(&tmp_reply); + + return error; +} + +/* Sends the 'request' member of the 'n' transactions in 'transactions' on + * 'sock', in order, and receives responses to all of them. Fills in the + * 'error' member of each transaction with 0 if it was successful, otherwise + * with a positive errno value. If 'reply' is nonnull, then it will be filled + * with the reply if the message receives a detailed reply. In other cases, + * i.e. where the request failed or had no reply beyond an indication of + * success, 'reply' will be cleared if it is nonnull. + * + * The caller is responsible for destroying each request and reply, and the + * transactions array itself. + * + * Before sending each message, this function will finalize nlmsg_len in each + * 'request' to match the ofpbuf's size, set nlmsg_pid to 'sock''s pid, and + * initialize nlmsg_seq. + * + * Bare Netlink is an unreliable transport protocol. This function layers + * reliable delivery and reply semantics on top of bare Netlink. See + * nl_sock_transact() for some caveats. + */ +void +nl_sock_transact_multiple(struct nl_sock *sock, + struct nl_transaction **transactions, size_t n) +{ + int max_batch_count; + int error; + + if (!n) { + return; + } + + /* In theory, every request could have a 64 kB reply. But the default and + * maximum socket rcvbuf size with typical Dom0 memory sizes both tend to + * be a bit below 128 kB, so that would only allow a single message in a + * "batch". So we assume that replies average (at most) 4 kB, which allows + * a good deal of batching. + * + * In practice, most of the requests that we batch either have no reply at + * all or a brief reply. */ + max_batch_count = MAX(sock->rcvbuf / 4096, 1); + max_batch_count = MIN(max_batch_count, max_iovs); + + while (n > 0) { + size_t count, bytes; + size_t done; + + /* Batch up to 'max_batch_count' transactions. But cap it at about a + * page of requests total because big skbuffs are expensive to + * allocate in the kernel. */ +#if defined(PAGESIZE) + enum { MAX_BATCH_BYTES = MAX(1, PAGESIZE - 512) }; +#else + enum { MAX_BATCH_BYTES = 4096 - 512 }; +#endif + bytes = ofpbuf_size(transactions[0]->request); + for (count = 1; count < n && count < max_batch_count; count++) { + if (bytes + ofpbuf_size(transactions[count]->request) > MAX_BATCH_BYTES) { + break; + } + bytes += ofpbuf_size(transactions[count]->request); + } + + error = nl_sock_transact_multiple__(sock, transactions, count, &done); + transactions += done; + n -= done; + + if (error == ENOBUFS) { + VLOG_DBG_RL(&rl, "receive buffer overflow, resending request"); + } else if (error) { + VLOG_ERR_RL(&rl, "transaction error (%s)", ovs_strerror(error)); + nl_sock_record_errors__(transactions, n, error); + } + } } /* Sends 'request' to the kernel via 'sock' and waits for a response. If @@ -361,9 +608,9 @@ nl_sock_recv(struct nl_sock *sock, struct ofpbuf **bufp, bool wait) * on failure '*replyp' is set to NULL. If 'replyp' is null, then the kernel's * reply, if any, is discarded. * - * nlmsg_len in 'msg' will be finalized to match msg->size, and nlmsg_pid will - * be set to 'sock''s pid, before the message is sent. NLM_F_ACK will be set - * in nlmsg_flags. + * Before the message is sent, nlmsg_len in 'request' will be finalized to + * match ofpbuf_size(msg), nlmsg_pid will be set to 'sock''s pid, and nlmsg_seq will + * be initialized, NLM_F_ACK will be set in nlmsg_flags. * * The caller is responsible for destroying 'request'. * @@ -394,244 +641,160 @@ nl_sock_recv(struct nl_sock *sock, struct ofpbuf **bufp, bool wait) * needs to be idempotent. */ int -nl_sock_transact(struct nl_sock *sock, - const struct ofpbuf *request, struct ofpbuf **replyp) +nl_sock_transact(struct nl_sock *sock, const struct ofpbuf *request, + struct ofpbuf **replyp) { - uint32_t seq = nl_msg_nlmsghdr(request)->nlmsg_seq; - struct nlmsghdr *nlmsghdr; - struct ofpbuf *reply; - int retval; - - if (replyp) { - *replyp = NULL; - } + struct nl_transaction *transactionp; + struct nl_transaction transaction; - /* Ensure that we get a reply even if this message doesn't ordinarily call - * for one. */ - nl_msg_nlmsghdr(request)->nlmsg_flags |= NLM_F_ACK; + transaction.request = CONST_CAST(struct ofpbuf *, request); + transaction.reply = replyp ? ofpbuf_new(1024) : NULL; + transactionp = &transaction; -send: - retval = nl_sock_send(sock, request, true); - if (retval) { - return retval; - } + nl_sock_transact_multiple(sock, &transactionp, 1); -recv: - retval = nl_sock_recv(sock, &reply, true); - if (retval) { - if (retval == ENOBUFS) { - COVERAGE_INC(netlink_overflow); - VLOG_DBG_RL(&rl, "receive buffer overflow, resending request"); - goto send; + if (replyp) { + if (transaction.error) { + ofpbuf_delete(transaction.reply); + *replyp = NULL; } else { - return retval; + *replyp = transaction.reply; } } - nlmsghdr = nl_msg_nlmsghdr(reply); - if (seq != nlmsghdr->nlmsg_seq) { - VLOG_DBG_RL(&rl, "ignoring seq %#"PRIx32" != expected %#"PRIx32, - nl_msg_nlmsghdr(reply)->nlmsg_seq, seq); - ofpbuf_delete(reply); - goto recv; - } - /* If the reply is an error, discard the reply and return the error code. - * - * Except: if the reply is just an acknowledgement (error code of 0), and - * the caller is interested in the reply (replyp != NULL), pass the reply - * up to the caller. Otherwise the caller will get a return value of 0 - * and null '*replyp', which makes unwary callers likely to segfault. */ - if (nl_msg_nlmsgerr(reply, &retval) && (retval || !replyp)) { - ofpbuf_delete(reply); - if (retval) { - VLOG_DBG_RL(&rl, "received NAK error=%d (%s)", - retval, strerror(retval)); - } - return retval != EAGAIN ? retval : EPROTO; - } - - if (replyp) { - *replyp = reply; - } else { - ofpbuf_delete(reply); - } - return 0; + return transaction.error; } /* Drain all the messages currently in 'sock''s receive queue. */ int nl_sock_drain(struct nl_sock *sock) { - int error = nl_sock_cow__(sock); - if (error) { - return error; - } return drain_rcvbuf(sock->fd); } -/* The client is attempting some operation on 'sock'. If 'sock' has an ongoing - * dump operation, then replace 'sock''s fd with a new socket and hand 'sock''s - * old fd over to the dump. */ -static int -nl_sock_cow__(struct nl_sock *sock) -{ - struct nl_sock *copy; - uint32_t tmp_pid; - int tmp_fd; - int error; - - if (!sock->dump) { - return 0; - } - - error = nl_sock_clone(sock, ©); - if (error) { - return error; - } - - tmp_fd = sock->fd; - sock->fd = copy->fd; - copy->fd = tmp_fd; - - tmp_pid = sock->pid; - sock->pid = copy->pid; - copy->pid = tmp_pid; - - sock->dump->sock = copy; - sock->dump = NULL; - - return 0; -} - -/* Starts a Netlink "dump" operation, by sending 'request' to the kernel via - * 'sock', and initializes 'dump' to reflect the state of the operation. - * - * nlmsg_len in 'msg' will be finalized to match msg->size, and nlmsg_pid will - * be set to 'sock''s pid, before the message is sent. NLM_F_DUMP and - * NLM_F_ACK will be set in nlmsg_flags. +/* Starts a Netlink "dump" operation, by sending 'request' to the kernel on a + * Netlink socket created with the given 'protocol', and initializes 'dump' to + * reflect the state of the operation. * - * This Netlink socket library is designed to ensure that the dump is reliable - * and that it will not interfere with other operations on 'sock', including - * destroying or sending and receiving messages on 'sock'. One corner case is - * not handled: + * 'request' must contain a Netlink message. Before sending the message, + * nlmsg_len will be finalized to match request->size, and nlmsg_pid will be + * set to the Netlink socket's pid. NLM_F_DUMP and NLM_F_ACK will be set in + * nlmsg_flags. * - * - If 'sock' has been used to send a request (e.g. with nl_sock_send()) - * whose response has not yet been received (e.g. with nl_sock_recv()). - * This is unusual: usually nl_sock_transact() is used to send a message - * and receive its reply all in one go. + * The design of this Netlink socket library ensures that the dump is reliable. * - * This function provides no status indication. An error status for the entire - * dump operation is provided when it is completed by calling nl_dump_done(). + * This function provides no status indication. nl_dump_done() provides an + * error status for the entire dump operation. * - * The caller is responsible for destroying 'request'. - * - * The new 'dump' is independent of 'sock'. 'sock' and 'dump' may be destroyed - * in either order. + * The caller must eventually destroy 'request'. */ void -nl_dump_start(struct nl_dump *dump, - struct nl_sock *sock, const struct ofpbuf *request) -{ - struct nlmsghdr *nlmsghdr = nl_msg_nlmsghdr(request); - nlmsghdr->nlmsg_flags |= NLM_F_DUMP | NLM_F_ACK; - dump->seq = nlmsghdr->nlmsg_seq; - dump->buffer = NULL; - if (sock->any_groups || sock->dump) { - /* 'sock' might belong to some multicast group, or it already has an - * onoging dump. Clone the socket to avoid possibly intermixing - * multicast messages or previous dump results with our results. */ - dump->status = nl_sock_clone(sock, &dump->sock); - if (dump->status) { - return; - } - } else { - sock->dump = dump; - dump->sock = sock; - dump->status = 0; - } - dump->status = nl_sock_send__(sock, request, true); -} - -/* Helper function for nl_dump_next(). */ -static int -nl_dump_recv(struct nl_dump *dump, struct ofpbuf **bufferp) +nl_dump_start(struct nl_dump *dump, int protocol, const struct ofpbuf *request) { - struct nlmsghdr *nlmsghdr; - struct ofpbuf *buffer; - int retval; - - retval = nl_sock_recv__(dump->sock, bufferp, true); - if (retval) { - return retval == EINTR ? EAGAIN : retval; - } - buffer = *bufferp; - - nlmsghdr = nl_msg_nlmsghdr(buffer); - if (dump->seq != nlmsghdr->nlmsg_seq) { - VLOG_DBG_RL(&rl, "ignoring seq %#"PRIx32" != expected %#"PRIx32, - nlmsghdr->nlmsg_seq, dump->seq); - return EAGAIN; - } + int status = nl_pool_alloc(protocol, &dump->sock); - if (nl_msg_nlmsgerr(buffer, &retval)) { - VLOG_INFO_RL(&rl, "netlink dump request error (%s)", - strerror(retval)); - return retval && retval != EAGAIN ? retval : EPROTO; + if (status) { + return; } - return 0; + nl_msg_nlmsghdr(request)->nlmsg_flags |= NLM_F_DUMP | NLM_F_ACK; + status = nl_sock_send__(dump->sock, request, + nl_sock_allocate_seq(dump->sock, 1), true); + atomic_init(&dump->status, status << 1); + dump->nl_seq = nl_msg_nlmsghdr(request)->nlmsg_seq; + dump->status_seq = seq_create(); } -/* Attempts to retrieve another reply from 'dump', which must have been - * initialized with nl_dump_start(). +/* Attempts to retrieve another reply from 'dump' into 'buffer'. 'dump' must + * have been initialized with nl_dump_start(), and 'buffer' must have been + * initialized. 'buffer' should be at least NL_DUMP_BUFSIZE bytes long. * - * If successful, returns true and points 'reply->data' and 'reply->size' to - * the message that was retrieved. The caller must not modify 'reply' (because - * it points into the middle of a larger buffer). + * If successful, returns true and points 'reply->data' and 'ofpbuf_size(reply)' to + * the message that was retrieved. The caller must not modify 'reply' (because + * it points within 'buffer', which will be used by future calls to this + * function). * - * On failure, returns false and sets 'reply->data' to NULL and 'reply->size' + * On failure, returns false and sets 'reply->data' to NULL and 'ofpbuf_size(reply)' * to 0. Failure might indicate an actual error or merely the end of replies. * An error status for the entire dump operation is provided when it is * completed by calling nl_dump_done(). + * + * Multiple threads may call this function, passing the same nl_dump, however + * each must provide independent buffers. This function may cache multiple + * replies in the buffer, and these will be processed before more replies are + * fetched. When this function returns false, other threads may continue to + * process replies in their buffers, but they will not fetch more replies. */ bool -nl_dump_next(struct nl_dump *dump, struct ofpbuf *reply) +nl_dump_next(struct nl_dump *dump, struct ofpbuf *reply, struct ofpbuf *buffer) { struct nlmsghdr *nlmsghdr; + int error = 0; - reply->data = NULL; - reply->size = 0; - if (dump->status) { - return false; - } + ofpbuf_set_data(reply, NULL); + ofpbuf_set_size(reply, 0); - if (dump->buffer && !dump->buffer->size) { - ofpbuf_delete(dump->buffer); - dump->buffer = NULL; - } - while (!dump->buffer) { - int retval = nl_dump_recv(dump, &dump->buffer); + /* If 'buffer' is empty, fetch another batch of nlmsgs. */ + while (!ofpbuf_size(buffer)) { + unsigned int status; + int retval, seq; + + seq = seq_read(dump->status_seq); + atomic_read(&dump->status, &status); + if (status) { + return false; + } + + retval = nl_sock_recv__(dump->sock, buffer, false); if (retval) { - ofpbuf_delete(dump->buffer); - dump->buffer = NULL; - if (retval != EAGAIN) { - dump->status = retval; - return false; + ofpbuf_clear(buffer); + if (retval == EAGAIN) { + nl_sock_wait(dump->sock, POLLIN); + seq_wait(dump->status_seq, seq); + poll_block(); + continue; + } else { + error = retval; + goto exit; } } + + nlmsghdr = nl_msg_nlmsghdr(buffer); + if (dump->nl_seq != nlmsghdr->nlmsg_seq) { + VLOG_DBG_RL(&rl, "ignoring seq %#"PRIx32" != expected %#"PRIx32, + nlmsghdr->nlmsg_seq, dump->nl_seq); + ofpbuf_clear(buffer); + continue; + } + + if (nl_msg_nlmsgerr(buffer, &retval) && retval) { + VLOG_INFO_RL(&rl, "netlink dump request error (%s)", + ovs_strerror(retval)); + error = retval == EAGAIN ? EPROTO : retval; + ofpbuf_clear(buffer); + goto exit; + } } - nlmsghdr = nl_msg_next(dump->buffer, reply); + /* Fetch the next nlmsg in the current batch. */ + nlmsghdr = nl_msg_next(buffer, reply); if (!nlmsghdr) { VLOG_WARN_RL(&rl, "netlink dump reply contains message fragment"); - dump->status = EPROTO; - return false; + error = EPROTO; } else if (nlmsghdr->nlmsg_type == NLMSG_DONE) { - dump->status = EOF; - return false; + error = EOF; } - return true; +exit: + if (error == EOF) { + unsigned int old; + atomic_or(&dump->status, 1, &old); + seq_change(dump->status_seq); + } else if (error) { + atomic_store(&dump->status, error << 1); + seq_change(dump->status_seq); + } + return !error; } /* Completes Netlink dump operation 'dump', which must have been initialized @@ -640,24 +803,28 @@ nl_dump_next(struct nl_dump *dump, struct ofpbuf *reply) int nl_dump_done(struct nl_dump *dump) { - /* Drain any remaining messages that the client didn't read. Otherwise the - * kernel will continue to queue them up and waste buffer space. */ - while (!dump->status) { - struct ofpbuf reply; - if (!nl_dump_next(dump, &reply)) { - assert(dump->status); - } - } + int status; - if (dump->sock) { - if (dump->sock->dump) { - dump->sock->dump = NULL; - } else { - nl_sock_destroy(dump->sock); + /* Drain any remaining messages that the client didn't read. Otherwise the + * kernel will continue to queue them up and waste buffer space. + * + * XXX We could just destroy and discard the socket in this case. */ + atomic_read(&dump->status, &status); + if (!status) { + uint64_t tmp_reply_stub[NL_DUMP_BUFSIZE / 8]; + struct ofpbuf reply, buf; + + ofpbuf_use_stub(&buf, tmp_reply_stub, sizeof tmp_reply_stub); + while (nl_dump_next(dump, &reply, &buf)) { + /* Nothing to do. */ } + atomic_read(&dump->status, &status); + ovs_assert(status); + ofpbuf_uninit(&buf); } - ofpbuf_delete(dump->buffer); - return dump->status == EOF ? 0 : dump->status; + nl_pool_release(dump->sock); + seq_destroy(dump->status_seq); + return status >> 1; } /* Causes poll_block() to wake up when any of the specified 'events' (which is @@ -667,6 +834,26 @@ nl_sock_wait(const struct nl_sock *sock, short int events) { poll_fd_wait(sock->fd, events); } + +/* Returns the underlying fd for 'sock', for use in "poll()"-like operations + * that can't use nl_sock_wait(). + * + * It's a little tricky to use the returned fd correctly, because nl_sock does + * "copy on write" to allow a single nl_sock to be used for notifications, + * transactions, and dumps. If 'sock' is used only for notifications and + * transactions (and never for dump) then the usage is safe. */ +int +nl_sock_fd(const struct nl_sock *sock) +{ + return sock->fd; +} + +/* Returns the PID associated with this socket. */ +uint32_t +nl_sock_pid(const struct nl_sock *sock) +{ + return sock->pid; +} /* Miscellaneous. */ @@ -680,7 +867,7 @@ static struct hmap genl_families = HMAP_INITIALIZER(&genl_families); static const struct nl_policy family_policy[CTRL_ATTR_MAX + 1] = { [CTRL_ATTR_FAMILY_ID] = {.type = NL_A_U16}, - [CTRL_ATTR_MCAST_GROUPS] = {.type = NL_A_NESTED}, + [CTRL_ATTR_MCAST_GROUPS] = {.type = NL_A_NESTED, .optional = true}, }; static struct genl_family * @@ -766,15 +953,15 @@ do_lookup_genl_family(const char *name, struct nlattr **attrs, /* Finds the multicast group called 'group_name' in genl family 'family_name'. * When successful, writes its result to 'multicast_group' and returns 0. - * Otherwise, clears 'multicast_group' and returns a positive error code. */ + * Otherwise, clears 'multicast_group' and returns a positive error code. + */ int nl_lookup_genl_mcgroup(const char *family_name, const char *group_name, unsigned int *multicast_group) { struct nlattr *family_attrs[ARRAY_SIZE(family_policy)]; - struct ofpbuf all_mcs; + const struct nlattr *mc; struct ofpbuf *reply; - struct nlattr *mc; unsigned int left; int error; @@ -784,8 +971,12 @@ nl_lookup_genl_mcgroup(const char *family_name, const char *group_name, return error; } - nl_attr_get_nested(family_attrs[CTRL_ATTR_MCAST_GROUPS], &all_mcs); - NL_ATTR_FOR_EACH (mc, left, all_mcs.data, all_mcs.size) { + if (!family_attrs[CTRL_ATTR_MCAST_GROUPS]) { + error = EPROTO; + goto exit; + } + + NL_NESTED_FOR_EACH (mc, left, family_attrs[CTRL_ATTR_MCAST_GROUPS]) { static const struct nl_policy mc_policy[] = { [CTRL_ATTR_MCAST_GRP_ID] = {.type = NL_A_U32}, [CTRL_ATTR_MCAST_GRP_NAME] = {.type = NL_A_STRING}, @@ -835,59 +1026,112 @@ nl_lookup_genl_family(const char *name, int *number) } ofpbuf_delete(reply); - assert(*number != 0); + ovs_assert(*number != 0); } return *number > 0 ? 0 : -*number; } -/* Netlink PID. - * - * Every Netlink socket must be bound to a unique 32-bit PID. By convention, - * programs that have a single Netlink socket use their Unix process ID as PID, - * and programs with multiple Netlink sockets add a unique per-socket - * identifier in the bits above the Unix process ID. - * - * The kernel has Netlink PID 0. - */ +struct nl_pool { + struct nl_sock *socks[16]; + int n; +}; -/* Parameters for how many bits in the PID should come from the Unix process ID - * and how many unique per-socket. */ -#define SOCKET_BITS 10 -#define MAX_SOCKETS (1u << SOCKET_BITS) +static struct ovs_mutex pool_mutex = OVS_MUTEX_INITIALIZER; +static struct nl_pool pools[MAX_LINKS] OVS_GUARDED_BY(pool_mutex); -#define PROCESS_BITS (32 - SOCKET_BITS) -#define MAX_PROCESSES (1u << PROCESS_BITS) -#define PROCESS_MASK ((uint32_t) (MAX_PROCESSES - 1)) +static int +nl_pool_alloc(int protocol, struct nl_sock **sockp) +{ + struct nl_sock *sock = NULL; + struct nl_pool *pool; -/* Bit vector of unused socket identifiers. */ -static uint32_t avail_sockets[ROUND_UP(MAX_SOCKETS, 32)]; + ovs_assert(protocol >= 0 && protocol < ARRAY_SIZE(pools)); -/* Allocates and returns a new Netlink PID. */ -static int -alloc_pid(uint32_t *pid) + ovs_mutex_lock(&pool_mutex); + pool = &pools[protocol]; + if (pool->n > 0) { + sock = pool->socks[--pool->n]; + } + ovs_mutex_unlock(&pool_mutex); + + if (sock) { + *sockp = sock; + return 0; + } else { + return nl_sock_create(protocol, sockp); + } +} + +static void +nl_pool_release(struct nl_sock *sock) { - int i; + if (sock) { + struct nl_pool *pool = &pools[sock->protocol]; - for (i = 0; i < MAX_SOCKETS; i++) { - if ((avail_sockets[i / 32] & (1u << (i % 32))) == 0) { - avail_sockets[i / 32] |= 1u << (i % 32); - *pid = (getpid() & PROCESS_MASK) | (i << PROCESS_BITS); - return 0; + ovs_mutex_lock(&pool_mutex); + if (pool->n < ARRAY_SIZE(pool->socks)) { + pool->socks[pool->n++] = sock; + sock = NULL; } + ovs_mutex_unlock(&pool_mutex); + + nl_sock_destroy(sock); } - VLOG_ERR("netlink pid space exhausted"); - return ENOBUFS; } -/* Makes the specified 'pid' available for reuse. */ -static void -free_pid(uint32_t pid) +int +nl_transact(int protocol, const struct ofpbuf *request, + struct ofpbuf **replyp) { - int sock = pid >> PROCESS_BITS; - assert(avail_sockets[sock / 32] & (1u << (sock % 32))); - avail_sockets[sock / 32] &= ~(1u << (sock % 32)); + struct nl_sock *sock; + int error; + + error = nl_pool_alloc(protocol, &sock); + if (error) { + *replyp = NULL; + return error; + } + + error = nl_sock_transact(sock, request, replyp); + + nl_pool_release(sock); + return error; } + +void +nl_transact_multiple(int protocol, + struct nl_transaction **transactions, size_t n) +{ + struct nl_sock *sock; + int error; + + error = nl_pool_alloc(protocol, &sock); + if (!error) { + nl_sock_transact_multiple(sock, transactions, n); + nl_pool_release(sock); + } else { + nl_sock_record_errors__(transactions, n, error); + } +} + +static uint32_t +nl_sock_allocate_seq(struct nl_sock *sock, unsigned int n) +{ + uint32_t seq = sock->next_seq; + + sock->next_seq += n; + + /* Make it impossible for the next request for sequence numbers to wrap + * around to 0. Start over with 1 to avoid ever using a sequence number of + * 0, because the kernel uses sequence number 0 for notifications. */ + if (sock->next_seq >= UINT32_MAX / 2) { + sock->next_seq = 1; + } + + return seq; +} + static void nlmsghdr_to_string(const struct nlmsghdr *h, int protocol, struct ds *ds) { @@ -936,10 +1180,8 @@ nlmsghdr_to_string(const struct nlmsghdr *h, int protocol, struct ds *ds) if (flags_left) { ds_put_format(ds, "[OTHER:%"PRIx16"]", flags_left); } - ds_put_format(ds, ", seq=%"PRIx32", pid=%"PRIu32"(%d:%d))", - h->nlmsg_seq, h->nlmsg_pid, - (int) (h->nlmsg_pid & PROCESS_MASK), - (int) (h->nlmsg_pid >> PROCESS_BITS)); + ds_put_format(ds, ", seq=%"PRIx32", pid=%"PRIu32, + h->nlmsg_seq, h->nlmsg_pid); } static char * @@ -956,7 +1198,7 @@ nlmsg_to_string(const struct ofpbuf *buffer, int protocol) if (e) { ds_put_format(&ds, " error(%d", e->error); if (e->error < 0) { - ds_put_format(&ds, "(%s)", strerror(-e->error)); + ds_put_format(&ds, "(%s)", ovs_strerror(-e->error)); } ds_put_cstr(&ds, ", in-reply-to("); nlmsghdr_to_string(&e->msg, protocol, &ds); @@ -969,7 +1211,7 @@ nlmsg_to_string(const struct ofpbuf *buffer, int protocol) if (error) { ds_put_format(&ds, " done(%d", *error); if (*error < 0) { - ds_put_format(&ds, "(%s)", strerror(-*error)); + ds_put_format(&ds, "(%s)", ovs_strerror(-*error)); } ds_put_cstr(&ds, ")"); } else { @@ -1001,8 +1243,6 @@ log_nlmsg(const char *function, int error, ofpbuf_use_const(&buffer, message, size); nlmsg = nlmsg_to_string(&buffer, protocol); - VLOG_DBG_RL(&rl, "%s (%s): %s", function, strerror(error), nlmsg); + VLOG_DBG_RL(&rl, "%s (%s): %s", function, ovs_strerror(error), nlmsg); free(nlmsg); } - -