From owner-freebsd-ipfw@FreeBSD.ORG Mon Dec 3 17:34:15 2012 Return-Path: Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D8966F0B for ; Mon, 3 Dec 2012 17:34:15 +0000 (UTC) (envelope-from andre@freebsd.org) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.freebsd.org (Postfix) with ESMTP id 3E0548FC1A for ; Mon, 3 Dec 2012 17:34:14 +0000 (UTC) Received: (qmail 92577 invoked from network); 3 Dec 2012 19:04:45 -0000 Received: from c00l3r.networx.ch (HELO [127.0.0.1]) ([62.48.2.2]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 3 Dec 2012 19:04:45 -0000 Message-ID: <50BCE294.4070409@freebsd.org> Date: Mon, 03 Dec 2012 18:34:12 +0100 From: Andre Oppermann User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20121026 Thunderbird/16.0.2 MIME-Version: 1.0 To: "Alexander V. Chernikov" Subject: Re: [CFT] Virtual BPF interfaces References: <4F96D11B.2060007@FreeBSD.org> <20120425.020518.406495893112283552.hrs@allbsd.org> <4F96E71B.9020405@FreeBSD.org> <20120427.084414.1142593201575277510.hrs@allbsd.org> <4FD4AD29.3040204@FreeBSD.org> <50BAA552.1010707@FreeBSD.org> <20121203081134.GO14202@glebius.int.ru> <50BC989E.3080303@FreeBSD.org> In-Reply-To: <50BC989E.3080303@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-ipfw@FreeBSD.org, Gleb Smirnoff , delphij@FreeBSD.org, Hiroki Sato , "freebsd-net@freebsd.org" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Dec 2012 17:34:16 -0000 On 03.12.2012 13:18, Alexander V. Chernikov wrote: > On 03.12.2012 12:11, Gleb Smirnoff wrote: >> On Sun, Dec 02, 2012 at 04:48:18AM +0400, Alexander V. Chernikov wrote: >> A> On 10.06.2012 18:20, Alexander V. Chernikov wrote: >> A> > On 27.04.2012 03:44, Hiroki Sato wrote: >> A> >> "Alexander V. Chernikov" wrote >> A> >> in<4F96E71B.9020405@FreeBSD.org>: >> A> >> >> A> >> me> On 24.04.2012 21:05, Hiroki Sato wrote: >> A> > >> A> > Proof-of-concept patch attached. >> A> >> A> Hopefully, libcap code is easily extendable. >> A> New version attached: >> A> * BPF code is now able to use 'virtual' interfaces without real ifnet >> A> * New bpfattach3() / bpfdetach3() routines were added to attach virtual >> A> ifaces >> A> * New BIOCGIFLIST ioctl is added to permit userland to retrieve >> A> available virtual interfaces >> A> * freebsd-specific 'platform_finddevs' version is added to libpcap code >> A> (new file) >> A> >> A> There are some rough edges (conditional code in pcap-bpf.c, lack of >> A> documentation, maybe some style issues), but generally it seems to work >> A> and does not interfere with contrib/ code much (from my point of view). >> A> >> A> ipfw log device was converted to use new bpf(4) api, see attached patch. >> >> Nice proof of concept, Alexander! >> >> What does prevent us from unifing all bpf providers to be "virtual" in >> current terms? I think if we finish divorce between ifnet and bpf, the code >> would get simplier and you can proceed further with reducing locking >> overhead. > > We have to jump from ifnet to the list of per-ifnet BPF consumers somehow, so I'm not sure if we can > do much more here. BPF itself doesn't require much from parent ifnet. > > What I really want to do next is the following: > > 1) Make BPF_PEERS_PRESENT(ifp) to be (ifp->if_bpf != NULL). This saves some processing time and > permits 'bpf_if' to be be totally opaque without any hacks. You have to be a bit careful with locking, or rather not locking. When the consumer is not doing any lock operations it may not (immediately) pick up that the pointer was changed on another CPU. > 2) Set if_bpf pointer IFF there are some consumers (and set it back to NULL when all consumers are > detached). This should work well for 'main' BPF DLT, but single (currently, 802.11) interface can > hold more than one DLTs. Probably we can save dst pointer passed to bpfattach2() to given bpf_if > structure, and set this value instead of ->if_bpf. > This, however, can lead to hard-to-find problems, since bpfattach[2] is usually not called by driver > directly. Separate from the above BPF on the output side may be optimized by passing the mbuf not from drv*_start() but from drv*_txeof(). There may be a few microseconds delay but a mbuf (-chain) copy is saved in the transmit path. As an additional benefit only those packets that actually were transmitted are persented to bpf. -- Andre