[ovs-dev] 答复: 答复: [PATCH v2 0/3] userspace: enable tap interface?statistics and status update support

Flavio Leitner fbl at sysclose.org
Mon Sep 21 14:38:12 UTC 2020 

On Fri, Sep 18, 2020 at 02:07:51AM +0000, Yi Yang (杨燚)-云服务集团 wrote:
> To be clarified, tap socket isn't created in netns currently because OVS doesn't have such info, current way is:
> 
> # Step 1, add tap interface into ovs bridge in root netns, tap socket is created at this point.
> # step 2, move tap interface to specified netns.
> 
> So question, how do you get netns id from tap socket? Would you guys like to add netlink API for this in Linux kernel?  I know you Redhat guys are familiar with rtnl.
> 
> Can you two guys clearly explain how to implement the behavior you expect?

The commit below implements an ioctl API to get the netns fd from the tun device.
With that information, we can use netlink RTM_GETNSID to translate the fd to the
netns id. Finally, call rtm_getlink with that netnsid as target netnsid to get
all the info.

Those are 3 calls, which is not really efficient. I would suggest to improve
rtm_getlink to accept a target netns fd as well or add an ioctl to tun to
return the netns id right away.


commit 0c3e0e3bb623c3735b8c9ab8aa8332f944f83a9f
Author: Kirill Tkhai <ktkhai at virtuozzo.com>
Date:   Wed Mar 20 12:16:42 2019 +0300

    tun: Add ioctl() TUNGETDEVNETNS cmd to allow obtaining real net ns of tun device
    
    In commit f2780d6d7475 "tun: Add ioctl() SIOCGSKNS cmd to allow
    obtaining net ns of tun device" it was missed that tun may change
    its net ns, while net ns of socket remains the same as it was
    created initially. SIOCGSKNS returns net ns of socket, so it is
    not suitable for obtaining net ns of device.
    
    We may have two tun devices with the same names in two net ns,
    and in this case it's not possible to determ, which of them
    fd refers to (TUNGETIFF will return the same name).
    
    This patch adds new ioctl() cmd for obtaining net ns of a device.
    
    Reported-by: Harald Albrecht <harald.albrecht at gmx.net>
    Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
    Signed-off-by: David S. Miller <davem at davemloft.net>

HTH,
fbl

> 
> 
> -----邮件原件-----
> 发件人: Flavio Leitner [mailto:fbl at sysclose.org] 
> 发送时间: 2020年9月17日 19:59
> 收件人: Yi Yang (杨燚)-云服务集团 <yangyi01 at inspur.com>
> 抄送: aconole at redhat.com; yang_y_yi at 163.com; ovs-dev at openvswitch.org; i.maximets at ovn.org
> 主题: Re: 答复: [ovs-dev] [PATCH v2 0/3] userspace: enable tap interface?statistics and status update support
> 
> On Thu, Sep 17, 2020 at 01:05:22AM +0000, Yi Yang (杨燚)-云服务集团 wrote:
> > Aaron, any caller thread just binds it to netns on calling enter_netns, once it has entered netns, it won't disappear, so exit_netns caller thread must be current thread, once it exits netns, it returns back to original root netns, at this point, this thread can disappear, not a question, isn't it? So I'm not sure why you're saying it is unsafe.
> > 
> > It is impossible to let Linux kernel  provide that API with netns as 
> > argument, although it is possible to do it theoretically, it is 
> > impractical  fantasy IMO :-)
> 
> OVS already uses rtm_getlink to get that information, see netdev_linux_update_via_netlink().
> 
> What we need is to get netnsid from the tap socket. I also think that is a reasonable kernel API addition.  See for example:
>  a86bd14ec ("netlink: provide network namespace id from a msg.").
> 
> fbl
> 
> > 
> > -----邮件原件-----
> > 发件人: dev [mailto:ovs-dev-bounces at openvswitch.org] 代表 Aaron Conole
> > 发送时间: 2020年9月17日 0:38
> > 收件人: yang_y_yi at 163.com
> > 抄送: ovs-dev at openvswitch.org; i.maximets at ovn.org; fbl at sysclose.org
> > 主题: Re: [ovs-dev] [PATCH v2 0/3] userspace: enable tap interface 
> > statistics and status update support
> > 
> > yang_y_yi at 163.com writes:
> > 
> > > From: Yi Yang <yangyi01 at inspur.com>
> > >
> > > OVS userspace datapath can't support tap interface statistics and 
> > > status update, so users can't get these information by cmd 
> > > "ovs-vsctl list interface tap1", the root cause of this issue is OVS 
> > > doesn't know network namespace of tap interface.
> > >
> > > This patch series fixed this issue and make sure tap interface can 
> > > show statistics and get status update.
> > >
> > > Yi Yang (3):
> > >   Add netns option for tap interface in userspace datapath
> > >   Fix tap interface statistics issue
> > >   Fix tap interface status update issue in network namespace
> > >
> > >  lib/dpif-netlink.c         |  51 +++++
> > >  lib/dpif-netlink.h         |   3 +
> > >  lib/netdev-linux-private.h |   1 +
> > >  lib/netdev-linux.c         | 481 ++++++++++++++++++++++++++++++++++++++++-----
> > >  lib/netlink-socket.c       | 146 ++++++++++++++
> > >  lib/netlink-socket.h       |   2 +
> > >  lib/socket-util-unix.c     |  37 ++++
> > >  lib/socket-util.h          |   3 +
> > >  8 files changed, 675 insertions(+), 49 deletions(-)
> > >
> > > --
> > >
> > > Changelog
> > >
> > >   v1 -> v2:
> > >     * Split pmd thread support to seperate patch series
> > >     * Check enter_netns return error
> > >     * Limit setns to network namespace only by CLONE_NEWNET
> > 
> > Sorry, but more thinking about this I don't support this series going in.  It reassociates the thread with a netns that may disappear causing faults in the middle of processing - I don't think it's safe.
> > 
> > NAK.
> > 
> > I think the correct solution is to add support in the kernel for 
> > getting the netns/ifindex from the tap socket, and then use that to 
> > query the statistics.  This should be solved by using (or creating if 
> > one doesn't
> > exist) a kernel API to do this query by getting the netns information and using that to do these get operations.
> > 
> > Maybe someone disagrees.
> > 
> > _______________________________________________
> > dev mailing list
> > dev at openvswitch.org
> > https://mail.openvswitch.org/mailman/listinfo/ovs-dev
> 
> 
> 
> --
> fbl



-- 
fbl

More information about the dev mailing list