f73b12812a
Currently, TIPC transports intra-node user data messages directly socket to socket, hence shortcutting all the lower layers of the communication stack. This gives TIPC very good intra-node performance, both regarding throughput and latency. We now introduce a similar mechanism for TIPC data traffic across network namespaces located in the same kernel. On the send path, the call chain is as always accompanied by the sending node's network namespace pointer. However, once we have reliably established that the receiving node is represented by a namespace on the same host, we just replace the namespace pointer with the receiving node/namespace's counterpart, and follow the regular socket receive path through the receiving node. This technique gives us a throughput similar to the node-internal throughput, several times larger than if we let the traffic go through the full network stacks. As a comparison, max throughput for 64k messages is four times larger than TCP throughput for the same type of traffic. To meet any security concerns, the following should be noted. - All nodes joining a cluster are supposed to have been certified and authenticated by mechanisms outside TIPC. This is no different for nodes/namespaces on the same host; they have to auto-discover each other using the attached interfaces, and establish links which are supervised via the regular link monitoring mechanism. Hence, a kernel-local node has no other way to join a cluster than any other node, and has to obey the policies set in the IP or device layers of the stack. - Only when a sender has established with 100% certainty that the peer node is located in a kernel-local namespace does it choose to let user data messages, and only those, take the crossover path to the receiving node/namespace. - If the receiving node/namespace is removed, its namespace pointer is invalidated at all peer nodes, and their neighbor link monitoring will eventually note that this node is gone. 
- To ensure the "100% certainty" criterion, and prevent any possible spoofing, received discovery messages must contain a proof that the sender knows a common secret. We use the hash mix of the sending node/namespace for this purpose, since it can be accessed directly by all other namespaces in the same kernel. Upon reception of a discovery message, the receiver checks this proof against the hash_mix values of all local namespaces. If it finds a match, that, together with a matching node id and cluster id, is deemed sufficient proof that the peer node in question is in a local namespace, and a wormhole can be opened. - We should also consider that TIPC is intended to be a cluster-local IPC mechanism (just like e.g. UNIX sockets) rather than a network protocol, and hence we think it can be justified to allow it to shortcut the lower protocol layers. Regarding traceability, we should note that since commit 6c9081a3915d ("tipc: add loopback device tracking") it is possible to follow the node-internal packet flow by just activating tcpdump on the loopback interface. This will be true even for this mechanism; by activating tcpdump on the involved nodes' loopback interfaces their inter-namespace messaging can easily be tracked. v2: - update 'net' pointer when node left/rejoined v3: - grab read/write lock when using node ref obj v4: - clone traffic between netns to loopback Suggested-by: Jon Maloy <jon.maloy@ericsson.com> Acked-by: Jon Maloy <jon.maloy@ericsson.com> Signed-off-by: Hoang Le <hoang.h.le@dektech.com.au> Signed-off-by: David S. Miller <davem@davemloft.net>
/*
|
|
* net/tipc/core.c: TIPC module code
|
|
*
|
|
* Copyright (c) 2003-2006, 2013, Ericsson AB
|
|
* Copyright (c) 2005-2006, 2010-2013, Wind River Systems
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions are met:
|
|
*
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. Neither the names of the copyright holders nor the names of its
|
|
* contributors may be used to endorse or promote products derived from
|
|
* this software without specific prior written permission.
|
|
*
|
|
* Alternatively, this software may be distributed under the terms of the
|
|
* GNU General Public License ("GPL") version 2 as published by the Free
|
|
* Software Foundation.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
|
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
|
|
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
* POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
|
|
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
|
|
|
|
#include "core.h"
|
|
#include "name_table.h"
|
|
#include "subscr.h"
|
|
#include "bearer.h"
|
|
#include "net.h"
|
|
#include "socket.h"
|
|
#include "bcast.h"
|
|
#include "node.h"
|
|
|
|
#include <linux/module.h>
|
|
|
|
/* configurable TIPC parameters */

/* Index of TIPC's private area in each struct net (see tipc_net_ops.id);
 * set once by register_pernet_device() in tipc_init(), read on every
 * net_generic() lookup afterwards.
 */
unsigned int tipc_net_id __read_mostly;

/* Receive-buffer sysctl triple, filled from RCVBUF_MIN/DEF/MAX in
 * tipc_init(); exported to the sysctl layer by tipc_register_sysctl().
 */
int sysctl_tipc_rmem[3] __read_mostly; /* min/default/max */
|
|
|
|
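/**
 * tipc_init_net - per-namespace TIPC setup (pernet_operations .init)
 * @net: the network namespace being created
 *
 * Fills the tipc_net private area of @net with single-node defaults and
 * then brings up, in order, the socket hash table, the name table, the
 * broadcast link and the loopback tracking attachment.
 *
 * Return: 0 on success, or the negative errno of the first step that
 * failed. Every step that succeeded before the failure is undone again,
 * so a failed init leaves nothing behind for tipc_exit_net() to release.
 */
static int __net_init tipc_init_net(struct net *net)
{
	struct tipc_net *tn = net_generic(net, tipc_net_id);
	int err;

	/* Defaults for a node that has not joined a cluster yet. */
	tn->net_id = 4711;
	tn->node_addr = 0;
	tn->trial_addr = 0;
	tn->addr_trial_end = 0;
	tn->capabilities = TIPC_NODE_CAPABILITIES;
	memset(tn->node_id, 0, sizeof(tn->node_id));
	memset(tn->node_id_string, 0, sizeof(tn->node_id_string));
	tn->mon_threshold = TIPC_DEF_MON_THRESHOLD;
	/* Size the request by the field itself rather than by a bare 'int',
	 * so the two cannot drift apart if the field's type ever changes.
	 */
	get_random_bytes(&tn->random, sizeof(tn->random));
	INIT_LIST_HEAD(&tn->node_list);
	spin_lock_init(&tn->node_list_lock);

	err = tipc_sk_rht_init(net);
	if (err)
		goto out_sk_rht;

	err = tipc_nametbl_init(net);
	if (err)
		goto out_nametbl;

	INIT_LIST_HEAD(&tn->dist_queue);

	err = tipc_bcast_init(net);
	if (err)
		goto out_bclink;

	err = tipc_attach_loopback(net);
	if (err)
		goto out_loopback;

	return 0;

out_loopback:
	/* A loopback attach failure used to jump straight to out_bclink and
	 * leave the broadcast link set up by tipc_bcast_init() allocated.
	 * Release it the same way tipc_exit_net() does. No node or link has
	 * been started at this point, so presumably no tipc_net_stop() is
	 * needed first - confirm against tipc_bcast_stop()'s expectations.
	 */
	tipc_bcast_stop(net);
out_bclink:
	tipc_nametbl_stop(net);
out_nametbl:
	tipc_sk_rht_destroy(net);
out_sk_rht:
	return err;
}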
|
|
|
|
/**
 * tipc_exit_net - per-namespace TIPC teardown (pernet_operations .exit)
 * @net: the network namespace being destroyed
 *
 * Undoes tipc_init_net() in the reverse order of setup: loopback
 * attachment, broadcast link, name table, socket hash table. The order is
 * significant and must not be reshuffled.
 */
static void __net_exit tipc_exit_net(struct net *net)
{
	tipc_detach_loopback(net);
	/* No counterpart in tipc_init_net(): the node/link layer is
	 * presumably started later (not from this file) - verify before
	 * relying on it.
	 */
	tipc_net_stop(net);
	tipc_bcast_stop(net);
	tipc_nametbl_stop(net);
	tipc_sk_rht_destroy(net);
}
|
|
|
|
/**
 * tipc_pernet_pre_exit - early per-namespace cleanup (pernet_operations .pre_exit)
 * @net: the network namespace that is about to be destroyed
 *
 * Runs before any .exit handler, via tipc_pernet_pre_exit_ops. Only hands
 * off to the node layer; what tipc_node_pre_cleanup_net() does is defined
 * in node.c.
 */
static void __net_exit tipc_pernet_pre_exit(struct net *net)
{
	tipc_node_pre_cleanup_net(net);
}
|
|
|
|
/* Registered as a pernet subsystem (not device) in tipc_init(), so its
 * .pre_exit runs ahead of the per-device .exit handlers below.
 */
static struct pernet_operations tipc_pernet_pre_exit_ops = {
	.pre_exit = tipc_pernet_pre_exit,
};
|
|
|
|
/* Core per-namespace state: the kernel allocates .size bytes per struct net
 * and records the slot index in tipc_net_id for net_generic() lookups.
 */
static struct pernet_operations tipc_net_ops = {
	.init = tipc_init_net,
	.exit = tipc_exit_net,
	.id   = &tipc_net_id,
	.size = sizeof(struct tipc_net),
};
|
|
|
|
/* Topology server per-namespace hooks; the handlers live in topsrv.c and
 * are registered after the core ops, so they can rely on tipc_net_ops state.
 */
static struct pernet_operations tipc_topsrv_net_ops = {
	.init = tipc_topsrv_init_net,
	.exit = tipc_topsrv_exit_net,
};
|
|
|
|
/**
 * tipc_init - module entry point
 *
 * Registers, in order: generic netlink, the netlink compat layer, sysctl,
 * the core pernet ops, the socket family, the topology server pernet ops,
 * the pre_exit pernet subsystem and finally the bearers. The label chain
 * at the bottom unwinds exactly those steps in reverse, each label named
 * after the step that failed.
 *
 * Return: 0 on success, otherwise the negative errno of the failing step,
 * with everything registered before it unregistered again.
 */
static int __init tipc_init(void)
{
	int err;

	pr_info("Activated (version " TIPC_MOD_VER ")\n");

	/* Seed the rmem sysctl triple before tipc_register_sysctl() exposes it. */
	sysctl_tipc_rmem[0] = RCVBUF_MIN;
	sysctl_tipc_rmem[1] = RCVBUF_DEF;
	sysctl_tipc_rmem[2] = RCVBUF_MAX;

	err = tipc_netlink_start();
	if (err)
		goto out_netlink;

	err = tipc_netlink_compat_start();
	if (err)
		goto out_netlink_compat;

	err = tipc_register_sysctl();
	if (err)
		goto out_sysctl;

	err = register_pernet_device(&tipc_net_ops);
	if (err)
		goto out_pernet;

	err = tipc_socket_init();
	if (err)
		goto out_socket;

	err = register_pernet_device(&tipc_topsrv_net_ops);
	if (err)
		goto out_pernet_topsrv;

	/* Subsys, not device: its .pre_exit must run before the device .exits. */
	err = register_pernet_subsys(&tipc_pernet_pre_exit_ops);
	if (err)
		goto out_register_pernet_subsys;

	err = tipc_bearer_setup();
	if (err)
		goto out_bearer;

	pr_info("Started in single node mode\n");
	return 0;

	/* Unwind in strict reverse order of registration. */
out_bearer:
	unregister_pernet_subsys(&tipc_pernet_pre_exit_ops);
out_register_pernet_subsys:
	unregister_pernet_device(&tipc_topsrv_net_ops);
out_pernet_topsrv:
	tipc_socket_stop();
out_socket:
	unregister_pernet_device(&tipc_net_ops);
out_pernet:
	tipc_unregister_sysctl();
out_sysctl:
	tipc_netlink_compat_stop();
out_netlink_compat:
	tipc_netlink_stop();
out_netlink:
	pr_err("Unable to start in single node mode\n");
	return err;
}
|
|
|
|
/**
 * tipc_exit - module exit point
 *
 * Tears down what tipc_init() registered. NOTE(review): the last three
 * calls are not in the reverse order of tipc_init() - netlink is stopped
 * before the compat layer and sysctl is removed last, whereas tipc_init()'s
 * error path unwinds sysctl, then compat, then netlink. Whether the compat
 * layer can still be invoked after tipc_netlink_stop() cannot be told from
 * this file; confirm before relying on this ordering.
 */
static void __exit tipc_exit(void)
{
	tipc_bearer_cleanup();
	unregister_pernet_subsys(&tipc_pernet_pre_exit_ops);
	unregister_pernet_device(&tipc_topsrv_net_ops);
	tipc_socket_stop();
	unregister_pernet_device(&tipc_net_ops);
	tipc_netlink_stop();
	tipc_netlink_compat_stop();
	tipc_unregister_sysctl();

	pr_info("Deactivated\n");
}
|
|
|
|
/* Module plumbing: entry/exit points and metadata. The license string must
 * stay "Dual BSD/GPL" to match the header above.
 */
module_init(tipc_init);
module_exit(tipc_exit);

MODULE_DESCRIPTION("TIPC: Transparent Inter Process Communication");
MODULE_LICENSE("Dual BSD/GPL");
MODULE_VERSION(TIPC_MOD_VER);
|