当前位置:   article > 正文

macvlan源码分析

macvlan源码分析

本文主要分析macvlan代码实现。分为如下几部分
a. 分析命令行参数如何传递
b. 分析kernel端代码如何解析命令行参数,并创建macvlan虚接口
c. 分析将网卡up起来时需要设置哪些东西
d. 分析报文接收流程。几种模式下不同的操作
e. 分析报文发送流程。只有bridge模式有特殊操作,其他模式直接从父接口发送出去

下面是比较重要的几点注意事项

a. 如果没有指定mtu,则使用父接口的mtu,如果指定了,则不能大于父接口的mtu。
b. passthru 模式下,不能再创建别的macvlan子接口,如果没有配置非混杂,则也要使能父接口的混杂模式。
c. 在macvlan接口上使能混杂或者allmulticast时,会设置filter为全1,这样就可以接收所有组播/广播报文。否则filter只设置广播或者动态添加的组播报文。
d. 如果没设置mode,则默认为 VEPA。
e. 将macvlan子接口up起来后,会将macvlan子接口的mac地址添加到父接口的单播链表中,以便父接口可以接收到macvlan的报文。如果父接口支持单播过滤(IFF_UNICAST_FLT),则将macvlan子接口的mac地址添加到父接口网卡内部过滤表中(可通过bridge fdb list查看单播地址列表),如果父接口不支持单播过滤,则将父接口设置为混杂模式(通过ip -d link show查看promiscuity为1)。这样父接口才会接收目的mac为macvlan子接口的报文。

数据结构

image.png

命令行ip端代码

通过下面命令添加一个macvlan设备
ip link add link ens8 dev macvlan1 type macvlan

命令行填充参数代码如下

  1. link = ens8
  2. ifindex = ll_name_to_index(link);
  3. addattr32(&req->n, sizeof(*req), IFLA_LINK, ifindex);
  4. req->i.ifi_index = 0; //这里仍然是0
  5. name = dev = macvlan1
  6. addattr_l(&req->n, sizeof(*req), IFLA_IFNAME, name, strlen(name) + 1);
  7. type = macvlan
  8. linkinfo = addattr_nest(&req.n, sizeof(req), IFLA_LINKINFO);
  9. addattr_l(&req.n, sizeof(req), IFLA_INFO_KIND, type, strlen(type));
  10. //macvlan私有参数
  11. struct link_util *lu = get_link_kind(type);
  12. iflatype = IFLA_INFO_DATA;
  13. data = addattr_nest(&req.n, sizeof(req), iflatype);
  14. lu->parse_opt(lu, argc, argv, &req.n) //macvlan_parse_opt
  15. addattr32(n, 1024, IFLA_MACVLAN_MODE, mode);
  16. addattr16(n, 1024, IFLA_MACVLAN_FLAGS, flags);
  17. addattr32(n, 1024, IFLA_MACVLAN_MACADDR_MODE, mac_mode);
  18. //如果 mac_mode 为 MACVLAN_MACADDR_ADD 或者 MACVLAN_MACADDR_DEL,则只添加/删除一个mac
  19. addattr_l(n, 1024, IFLA_MACVLAN_MACADDR, &mac, ETH_ALEN);
  20. //如果 mac_mode 为 MACVLAN_MACADDR_SET,则循环添加多个mac
  21. nmac = addattr_nest(n, 1024, IFLA_MACVLAN_MACADDR_DATA);
  22. while
  23. addattr_l(n, 1024, IFLA_MACVLAN_MACADDR, &mac, ETH_ALEN);
  24. addattr_nest_end(n, nmac);
  25. addattr_nest_end(&req.n, data);
  26. addattr_nest_end(&req.n, linkinfo);

kernel端代码

  1. 首先需要加载macvlan驱动

  1. root@ubuntu:~# modprobe macvlan
  2. root@ubuntu:~# lsmod | grep macvlan
  3. macvlan 24576 0

驱动初始化代码如下,主要是注册macvlan_link_ops 到静态链表link_ops,添加macvlan设备时,会查找到此ops进行相关操作。

  1. static struct rtnl_link_ops macvlan_link_ops = {
  2. .kind = "macvlan",
  3. .setup = macvlan_setup,
  4. .newlink = macvlan_newlink,
  5. .dellink = macvlan_dellink,
  6. };
  7. module_init(macvlan_init_module);
  8. static int __init macvlan_init_module(void)
  9. macvlan_link_register(&macvlan_link_ops);
  10. /* common fields */
  11. ops->priv_size = sizeof(struct macvlan_dev);
  12. ops->validate = macvlan_validate;
  13. ops->maxtype = IFLA_MACVLAN_MAX;
  14. ops->policy = macvlan_policy;
  15. ops->changelink = macvlan_changelink;
  16. ops->get_size = macvlan_get_size;
  17. ops->fill_info = macvlan_fill_info;
  18. return rtnl_link_register(ops);
  19. __rtnl_link_register(ops);
  20. if (rtnl_link_ops_get(ops->kind))
  21. return -EEXIST;
  22. //static LIST_HEAD(link_ops); 为静态全局链表头
  23. list_add_tail(&ops->list, &link_ops);
  1. 执行下面命令添加macvlan设备时,kernel端会调用rtnl_newlink添加macvlan虚接口
    ip link add link ens8 dev macvlan1 type macvlan

  1. static int rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh)
  2. nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy);
  3. nla_strlcpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
  4. ifm = nlmsg_data(nlh);
  5. //ifm->ifi_index 在创建macvlan时为0
  6. if (ifm->ifi_index > 0)
  7. dev = __dev_get_by_index(net, ifm->ifi_index);
  8. else {
  9. if (ifname[0])
  10. dev = __dev_get_by_name(net, ifname); //此时还没有创建此dev,所以dev为空
  11. else
  12. dev = NULL;
  13. }
  14. //获取嵌套的 linkinfo
  15. nla_parse_nested(linkinfo, IFLA_INFO_MAX, tb[IFLA_LINKINFO], ifla_info_policy);
  16. //获取 kind,此处为 macvlan
  17. nla_strlcpy(kind, linkinfo[IFLA_INFO_KIND], sizeof(kind));
  18. ops = rtnl_link_ops_get(kind); //对于macvlan来说,macvlan_link_ops
  19. if (ops) {
  20. //获取 kind 私有数据
  21. if (ops->maxtype && linkinfo[IFLA_INFO_DATA]) {
  22. err = nla_parse_nested(attr, ops->maxtype,
  23. linkinfo[IFLA_INFO_DATA],
  24. ops->policy);
  25. if (err < 0)
  26. return err;
  27. data = attr;
  28. }
  29. //调用 macvlan_validate 验证私有数据
  30. if (ops->validate) {
  31. err = ops->validate(tb, data);
  32. if (err < 0)
  33. return err;
  34. }
  35. }
  36. //获取 net,如果没有指定其他net namespace,则使用当前net
  37. dest_net = rtnl_link_get_net(net, tb);
  38. if (tb[IFLA_NET_NS_PID])
  39. net = get_net_ns_by_pid(nla_get_u32(tb[IFLA_NET_NS_PID]));
  40. else if (tb[IFLA_NET_NS_FD])
  41. net = get_net_ns_by_fd(nla_get_u32(tb[IFLA_NET_NS_FD]));
  42. else
  43. net = get_net(src_net);
  44. return net;
  45. dev = rtnl_create_link(dest_net, ifname, name_assign_type, ops, tb);
  46. //获取tx/rx队列个数,如果没配置,则默认为1
  47. if (tb[IFLA_NUM_TX_QUEUES])
  48. num_tx_queues = nla_get_u32(tb[IFLA_NUM_TX_QUEUES]);
  49. else if (ops->get_num_tx_queues)
  50. num_tx_queues = ops->get_num_tx_queues();
  51. if (tb[IFLA_NUM_RX_QUEUES])
  52. num_rx_queues = nla_get_u32(tb[IFLA_NUM_RX_QUEUES]);
  53. else if (ops->get_num_rx_queues)
  54. num_rx_queues = ops->get_num_rx_queues();
  55. //ops->priv_size = sizeof(struct macvlan_dev);
  56. dev = alloc_netdev_mqs(ops->priv_size, ifname, name_assign_type, ops->setup, num_tx_queues, num_rx_queues);
  57. alloc_size = sizeof(struct net_device);
  58. if (sizeof_priv) {
  59. /* ensure 32-byte alignment of private area */
  60. alloc_size = ALIGN(alloc_size, NETDEV_ALIGN);
  61. alloc_size += sizeof_priv;
  62. }
  63. /* ensure 32-byte alignment of whole construct */
  64. alloc_size += NETDEV_ALIGN - 1;
  65. p = kzalloc(alloc_size, GFP_KERNEL | __GFP_NOWARN | __GFP_REPEAT);
  66. dev = PTR_ALIGN(p, NETDEV_ALIGN);
  67. dev_mc_init(dev);
  68. dev_uc_init(dev);
  69. dev_net_set(dev, &init_net);
  70. dev->gso_max_size = GSO_MAX_SIZE;
  71. dev->gso_max_segs = GSO_MAX_SEGS;
  72. dev->gso_min_segs = 0;
  73. setup(dev); //macvlan_setup
  74. macvlan_common_setup(dev);
  75. ether_setup(dev);
  76. dev->header_ops = &eth_header_ops;
  77. dev->type = ARPHRD_ETHER;
  78. dev->hard_header_len = ETH_HLEN;
  79. dev->mtu = ETH_DATA_LEN;
  80. dev->addr_len = ETH_ALEN;
  81. dev->tx_queue_len = 1000; /* Ethernet wants good queues */
  82. dev->flags = IFF_BROADCAST|IFF_MULTICAST;
  83. dev->priv_flags |= IFF_TX_SKB_SHARING;
  84. memset(dev->broadcast, 0xFF, ETH_ALEN);
  85. dev->priv_flags &= ~IFF_TX_SKB_SHARING;
  86. netif_keep_dst(dev);
  87. dev->priv_flags |= IFF_UNICAST_FLT;
  88. dev->netdev_ops = &macvlan_netdev_ops;
  89. dev->destructor = free_netdev;
  90. dev->header_ops = &macvlan_hard_header_ops;
  91. dev->ethtool_ops = &macvlan_ethtool_ops;
  92. dev->tx_queue_len = 0;
  93. strcpy(dev->name, name);
  94. dev_net_set(dev, net);
  95. dev->rtnl_link_ops = ops;
  96. dev->rtnl_link_state = RTNL_LINK_INITIALIZING;
  97. //下面的参数,如果指定了就赋值即可
  98. if (tb[IFLA_MTU])
  99. dev->mtu = nla_get_u32(tb[IFLA_MTU]);
  100. if (tb[IFLA_ADDRESS]) {
  101. memcpy(dev->dev_addr, nla_data(tb[IFLA_ADDRESS]),
  102. nla_len(tb[IFLA_ADDRESS]));
  103. dev->addr_assign_type = NET_ADDR_SET;
  104. }
  105. if (tb[IFLA_BROADCAST])
  106. memcpy(dev->broadcast, nla_data(tb[IFLA_BROADCAST]),
  107. nla_len(tb[IFLA_BROADCAST]));
  108. if (tb[IFLA_TXQLEN])
  109. dev->tx_queue_len = nla_get_u32(tb[IFLA_TXQLEN]);
  110. if (tb[IFLA_OPERSTATE])
  111. set_operstate(dev, nla_get_u8(tb[IFLA_OPERSTATE]));
  112. if (tb[IFLA_LINKMODE])
  113. dev->link_mode = nla_get_u8(tb[IFLA_LINKMODE]);
  114. if (tb[IFLA_GROUP])
  115. dev_set_group(dev, nla_get_u32(tb[IFLA_GROUP]));
  116. if (ops->newlink) {
  117. ops->newlink(net, dev, tb, data); //macvlan_newlink
  118. macvlan_common_newlink(src_net, dev, tb, data);
  119. struct macvlan_dev *vlan = netdev_priv(dev);
  120. struct macvlan_port *port;
  121. struct net_device *lowerdev;
  122. //IFLA_LINK 表示macvlan的父接口,如果没有指定肯定不能创建
  123. if (!tb[IFLA_LINK])
  124. return -EINVAL;
  125. //获取父接口,会把父接口赋给 macvlan->lowerdev 保存下来,以便指定此macvlan虚拟接口的父接口是哪个设备
  126. struct net_device *lowerdev = __dev_get_by_index(src_net, nla_get_u32(tb[IFLA_LINK]));
  127. //如果基于macvlan接口创建另一个macvlan接口,则使用真实的父接口
  128. if (netif_is_macvlan(lowerdev)) //return dev->priv_flags & IFF_MACVLAN;
  129. lowerdev = macvlan_dev_real_dev(lowerdev);
  130. struct macvlan_dev *macvlan = netdev_priv(dev);
  131. return macvlan->lowerdev;
  132. //如果没有指定mtu,则使用父接口的mtu
  133. //如果指定了,则不能大于父接口的mtu
  134. if (!tb[IFLA_MTU])
  135. dev->mtu = lowerdev->mtu;
  136. else if (dev->mtu > lowerdev->mtu)
  137. return -EINVAL;
  138. //如果没有指定mac地址,则随机生成一个
  139. if (!tb[IFLA_ADDRESS])
  140. eth_hw_addr_random(dev);
  141. dev->addr_assign_type = NET_ADDR_RANDOM;
  142. eth_random_addr(dev->dev_addr);
  143. get_random_bytes(addr, ETH_ALEN);
  144. addr[0] &= 0xfe; /* clear multicast bit */
  145. addr[0] |= 0x02; /* set local assignment bit (IEEE802) */
  146. //如果父接口没有此标志 IFF_MACVLAN_PORT,说明是第一个给这个设备添加macvlan子接口
  147. if (!macvlan_port_exists(lowerdev)) { //#define macvlan_port_exists(dev) (dev->priv_flags & IFF_MACVLAN_PORT)
  148. macvlan_port_create(lowerdev);
  149. //如果不是 ether 类型或者是 loopback 类型,则返回错误
  150. if (dev->type != ARPHRD_ETHER || dev->flags & IFF_LOOPBACK)
  151. return -EINVAL;
  152. struct macvlan_port *port = kzalloc(sizeof(*port), GFP_KERNEL);
  153. port->passthru = false;
  154. port->dev = dev;
  155. //初始化链表,用于存放所有的macvlan子接口
  156. INIT_LIST_HEAD(&port->vlans);
  157. //初始化 hash 链表,用于存放所有的 up 状态的子接口(调用了 _dev_open)
  158. for (i = 0; i < MACVLAN_HASH_SIZE; i++)
  159. INIT_HLIST_HEAD(&port->vlan_hash[i]);
  160. //初始化 hash 链表
  161. for (i = 0; i < MACVLAN_HASH_SIZE; i++)
  162. INIT_HLIST_HEAD(&port->vlan_source_hash[i]);
  163. //组播/广播报文会放在链表,由 macvlan_process_broadcast 发给所有的up状态的macvlan子接口
  164. skb_queue_head_init(&port->bc_queue);
  165. INIT_WORK(&port->bc_work, macvlan_process_broadcast);
  166. //注册收包函数,这样在 netif_receive_skb 收到报文会调用 macvlan_handle_frame
  167. err = netdev_rx_handler_register(dev, macvlan_handle_frame, port);
  168. rcu_assign_pointer(dev->rx_handler_data, rx_handler_data);
  169. rcu_assign_pointer(dev->rx_handler, rx_handler);
  170. if (err)
  171. kfree(port);
  172. else
  173. //设置标志位
  174. dev->priv_flags |= IFF_MACVLAN_PORT;
  175. port = macvlan_port_get_rtnl(lowerdev); //rtnl_dereference(dev->rx_handler_data);
  176. /* Only 1 macvlan device can be created in passthru mode */
  177. //passthru 模式下,不能再创建别的macvlan子接口
  178. if (port->passthru)
  179. return -EINVAL;
  180. vlan->lowerdev = lowerdev;
  181. vlan->dev = dev;
  182. vlan->port = port;
  183. vlan->set_features = MACVLAN_FEATURES;
  184. vlan->nest_level = dev_get_nest_level(lowerdev, netif_is_macvlan) + 1;
  185. vlan->mode = MACVLAN_MODE_VEPA;
  186. if (data && data[IFLA_MACVLAN_MODE])
  187. vlan->mode = nla_get_u32(data[IFLA_MACVLAN_MODE]);
  188. if (data && data[IFLA_MACVLAN_FLAGS])
  189. vlan->flags = nla_get_u16(data[IFLA_MACVLAN_FLAGS]);
  190. if (vlan->mode == MACVLAN_MODE_PASSTHRU) {
  191. //port->count不为0,说明已经有其他模式的macvlan子接口了,这种情况也不允许
  192. if (port->count)
  193. return -EINVAL;
  194. //设置标志位
  195. port->passthru = true;
  196. //将父接口的mac地址,赋给 passthru 模式的macvlan子接口
  197. eth_hw_addr_inherit(dev, lowerdev);
  198. dst->addr_assign_type = src->addr_assign_type;
  199. ether_addr_copy(dst->dev_addr, src->dev_addr);
  200. }
  201. if (data && data[IFLA_MACVLAN_MACADDR_MODE]) {
  202. if (vlan->mode != MACVLAN_MODE_SOURCE)
  203. return -EINVAL;
  204. macmode = nla_get_u32(data[IFLA_MACVLAN_MACADDR_MODE]);
  205. macvlan_changelink_sources(vlan, macmode, data);
  206. if (mode == MACVLAN_MACADDR_ADD) {
  207. macvlan_hash_add_source(vlan, addr);
  208. struct macvlan_port *port = vlan->port;
  209. struct macvlan_source_entry *entry = kmalloc(sizeof(*entry), GFP_KERNEL);
  210. ether_addr_copy(entry->addr, addr);
  211. entry->vlan = vlan;
  212. h = &port->vlan_source_hash[macvlan_eth_hash(addr)];
  213. hlist_add_head_rcu(&entry->hlist, h);
  214. vlan->macaddr_count++;
  215. //增加macvlan子接口个数的计数
  216. port->count += 1;
  217. //注册macvlan子接口
  218. register_netdevice(dev);
  219. //设置标志位
  220. dev->priv_flags |= IFF_MACVLAN;
  221. netdev_upper_dev_link(lowerdev, dev);
  222. __netdev_upper_dev_link(dev, upper_dev, false, NULL);
  223. //将macvlan子接口添加到父接口的 vlans 链表
  224. list_add_tail_rcu(&vlan->list, &port->vlans);
  225. netif_stacked_transfer_operstate(lowerdev, dev);
  226. rtnl_configure_link(dev, ifm);
  227. old_flags = dev->flags;
  228. if (ifm && (ifm->ifi_flags || ifm->ifi_change)) {
  229. err = __dev_change_flags(dev, rtnl_dev_combine_flags(dev, ifm));
  230. if (err < 0)
  231. return err;
  232. }
  233. dev->rtnl_link_state = RTNL_LINK_INITIALIZED;
  1. 通过ip命令将网卡up起来,或者通过socket ioctl操作网卡时,都会调用dev_change_flags进行相关操作

  1. #通过 ip 命令修改网卡配置时
  2. #ip link set dev xxx up
  3. req->i.ifi_change |= IFF_UP;
  4. req->i.ifi_flags |= IFF_UP;
  5. static int rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh)
  6. dev = __dev_get_by_index(net, ifm->ifi_index);
  7. do_setlink(skb, dev, ifm, tb, ifname, status);
  8. if (ifm->ifi_flags || ifm->ifi_change) {
  9. err = dev_change_flags(dev, rtnl_dev_combine_flags(dev, ifm));
  10. #通过socket修改网卡配置时
  11. static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg)
  12. if (cmd >= SIOCDEVPRIVATE && cmd <= (SIOCDEVPRIVATE + 15)) {
  13. dev_ioctl(net, cmd, argp);
  14. switch (cmd) {
  15. case SIOCSIFFLAGS:
  16. if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
  17. return -EPERM;
  18. dev_load(net, ifr.ifr_name);
  19. dev_ifsioc(net, &ifr, cmd);
  20. struct net_device *dev = __dev_get_by_name(net, ifr->ifr_name);
  21. switch (cmd) {
  22. case SIOCSIFFLAGS: /* Set interface flags */
  23. dev_change_flags(dev, ifr->ifr_flags);
  24. //都会调用dev_change_flags进行相关操作
  25. int dev_change_flags(struct net_device *dev, unsigned int flags)
  26. __dev_change_flags(dev, flags);
  27. unsigned int old_flags = dev->flags;
  28. dev->flags = (flags & (IFF_DEBUG | IFF_NOTRAILERS | IFF_NOARP |
  29. IFF_DYNAMIC | IFF_MULTICAST | IFF_PORTSEL | IFF_AUTOMEDIA)) |
  30. (dev->flags & (IFF_UP | IFF_VOLATILE | IFF_PROMISC | IFF_ALLMULTI));
  31. if ((old_flags ^ flags) & IFF_MULTICAST)
  32. dev_change_rx_flags(dev, IFF_MULTICAST);
  33. ops->ndo_change_rx_flags(dev, flags); //macvlan_change_rx_flags
  34. dev_set_rx_mode(dev);
  35. //新旧flag不一样时,如果旧flag是up,说明新flag是down,需要调用 __dev_close
  36. //如果旧flag不是up,说明新flag是up,需要调用 __dev_open
  37. if ((old_flags ^ flags) & IFF_UP)
  38. ret = ((old_flags & IFF_UP) ? __dev_close : __dev_open)(dev);
  39. static int __dev_open(struct net_device *dev)
  40. const struct net_device_ops *ops = dev->netdev_ops;
  41. ops->ndo_open(dev); //对于macvlan设备来说,macvlan_open
  42. struct macvlan_dev *vlan = netdev_priv(dev);
  43. struct net_device *lowerdev = vlan->lowerdev;
  44. int err;
  45. //passthrough 模式下,如果没有配置非混杂,则也要使能父接口的混杂模式
  46. if (vlan->port->passthru) {
  47. if (!(vlan->flags & MACVLAN_FLAG_NOPROMISC)) {
  48. err = dev_set_promiscuity(lowerdev, 1);
  49. if (err < 0)
  50. goto out;
  51. }
  52. goto hash_add;
  53. }
  54. //和硬件offload相关的,暂时不管
  55. if (lowerdev->features & NETIF_F_HW_L2FW_DOFFLOAD &&
  56. dev->rtnl_link_ops == &macvlan_link_ops) {
  57. vlan->fwd_priv =
  58. lowerdev->netdev_ops->ndo_dfwd_add_station(lowerdev, dev);
  59. /* If we get a NULL pointer back, or if we get an error
  60. * then we should just fall through to the non accelerated path
  61. */
  62. if (IS_ERR_OR_NULL(vlan->fwd_priv)) {
  63. vlan->fwd_priv = NULL;
  64. } else
  65. return 0;
  66. }
  67. if (macvlan_addr_busy(vlan->port, dev->dev_addr))
  68. if (ether_addr_equal_64bits(port->dev->dev_addr, addr))
  69. return 1;
  70. if (macvlan_hash_lookup(port, addr))
  71. return 1;
  72. return 0;
  73. goto out;
  74. //将macvlan子接口的mac地址添加到父接口的单播链表中,以便父接口可以接收到macvlan的报文
  75. err = dev_uc_add(lowerdev, dev->dev_addr);
  76. __hw_addr_add(&dev->uc, addr, dev->addr_len, NETDEV_HW_ADDR_T_UNICAST);
  77. __dev_set_rx_mode(dev);
  78. //如果dev不支持单播过滤功能,即IFF_UNICAST_FLT
  79. if (!(dev->priv_flags & IFF_UNICAST_FLT)) {
  80. /* Unicast addresses changes may only happen under the rtnl,
  81. * therefore calling __dev_set_promiscuity here is safe.
  82. */
  83. //单播链表不为空,并且uc_promisc为false,则使能混杂模式。
  84. //对于macvlan设备来说,这里就是使能父接口的混杂模式
  85. if (!netdev_uc_empty(dev) && !dev->uc_promisc) {
  86. __dev_set_promiscuity(dev, 1, false);
  87. dev->uc_promisc = true;
  88. } else if (netdev_uc_empty(dev) && dev->uc_promisc) {
  89. __dev_set_promiscuity(dev, -1, false);
  90. dev->uc_promisc = false;
  91. }
  92. }
  93. if (dev->flags & IFF_ALLMULTI) {
  94. err = dev_set_allmulti(lowerdev, 1);
  95. if (err < 0)
  96. goto del_unicast;
  97. }
  98. hash_add:
  99. //macvlan设备open后,将设备添加到父接口的 vlan_hash hash链表中
  100. macvlan_hash_add(vlan);
  101. struct macvlan_port *port = vlan->port;
  102. const unsigned char *addr = vlan->dev->dev_addr;
  103. u32 idx = macvlan_eth_hash(addr);
  104. hlist_add_head_rcu(&vlan->hlist, &port->vlan_hash[idx]);
  105. return 0;
  106. if ((flags ^ dev->gflags) & IFF_PROMISC) {
  107. int inc = (flags & IFF_PROMISC) ? 1 : -1;
  108. unsigned int old_flags = dev->flags;
  109. dev->gflags ^= IFF_PROMISC;
  110. if (__dev_set_promiscuity(dev, inc, false) >= 0)
  111. dev->flags |= IFF_PROMISC;
  112. dev->promiscuity += inc;
  113. if (dev->flags != old_flags)
  114. dev_set_rx_mode(dev);
  115. }
  116. if ((flags ^ dev->gflags) & IFF_ALLMULTI) {
  117. int inc = (flags & IFF_ALLMULTI) ? 1 : -1;
  118. dev->gflags ^= IFF_ALLMULTI;
  119. __dev_set_allmulti(dev, inc, false);
  120. dev->flags |= IFF_ALLMULTI;
  121. dev->allmulti += inc;
  122. if (dev->flags ^ old_flags) {
  123. dev_change_rx_flags(dev, IFF_ALLMULTI);
  124. ops->ndo_change_rx_flags(dev, flags); //macvlan_change_rx_flags
  125. //如果macvlan使能了 ALLMULTI,则也要设置父接口使能 ALLMULTI
  126. struct macvlan_dev *vlan = netdev_priv(dev);
  127. //取出父接口
  128. struct net_device *lowerdev = vlan->lowerdev;
  129. if (dev->flags & IFF_UP) {
  130. if (change & IFF_ALLMULTI)
  131. dev_set_allmulti(lowerdev, dev->flags & IFF_ALLMULTI ? 1 : -1);
  132. __dev_set_allmulti(dev, inc, true);
  133. dev_set_rx_mode(dev);
  134. __dev_set_rx_mode(dev);
  135. ops->ndo_set_rx_mode(dev); //macvlan_set_mac_lists
  136. //如果使能了混杂模式或者allmulti,则设置 vlan->mc_filter 所有 bit 位为1,表示可以接收所有报文
  137. if (dev->flags & (IFF_PROMISC | IFF_ALLMULTI)) {
  138. bitmap_fill(vlan->mc_filter, MACVLAN_MC_FILTER_SZ);
  139. } else {
  140. struct netdev_hw_addr *ha;
  141. DECLARE_BITMAP(filter, MACVLAN_MC_FILTER_SZ);
  142. //如果没有使能混杂模式或者allmulti,则只设置设备的dev->mc组播列表地址和广播地址
  143. bitmap_zero(filter, MACVLAN_MC_FILTER_SZ);
  144. netdev_for_each_mc_addr(ha, dev) {
  145. __set_bit(mc_hash(vlan, ha->addr), filter);
  146. }
  147. __set_bit(mc_hash(vlan, dev->broadcast), filter);
  148. bitmap_copy(vlan->mc_filter, filter, MACVLAN_MC_FILTER_SZ);
  149. }
  150. //将macvlan子接口的组播列表和单播列表传递给父接口,以便父接口可以接收到这些报文
  151. dev_uc_sync(vlan->lowerdev, dev);
  152. dev_mc_sync(vlan->lowerdev, dev);
  1. 报文接收流程
    在协议栈入口函数__netif_receive_skb_core中,如果接收数据包的dev的rx_handler不为空,说明需要进行处理,对于macvlan来说,rx_handler为macvlan_handle_frame。

对于组播/广播报文:
bridge模式下的macvlan子接口发出去的报文,经过外部交换机反射回来后,会被主接口和其他模式为vepa的macvlan子接口收到。
vepa模式下的macvlan子接口发出去的报文,经过外部交换机反射回来后,会被主接口和其他模式为vepa和bridge的macvlan子接口收到。
private模式下的macvlan子接口发出去的报文,经过外部交换机反射回来后,只会被发送报文的macvlan子接口收到。
pathrough模式下的macvlan子接口发出去的报文,经过外部交换机反射回来后,只会被发送报文的macvlan子接口收到。

  1. static int __netif_receive_skb_core(struct sk_buff *skb, bool pfmemalloc)
  2. another_round:
  3. skb->skb_iif = skb->dev->ifindex;
  4. ...
  5. ...
  6. //对于macvlan来说,macvlan_handle_frame
  7. rx_handler = rcu_dereference(skb->dev->rx_handler);
  8. if (rx_handler) {
  9. if (pt_prev) {
  10. ret = deliver_skb(skb, pt_prev, orig_dev);
  11. pt_prev = NULL;
  12. }
  13. switch (rx_handler(&skb)) {
  14. //说明报文被释放了
  15. case RX_HANDLER_CONSUMED:
  16. ret = NET_RX_SUCCESS;
  17. goto out;
  18. //说明报文找到了目的地,需要重新走一遍协议栈
  19. case RX_HANDLER_ANOTHER:
  20. goto another_round;
  21. case RX_HANDLER_EXACT:
  22. deliver_exact = true;
  23. //表明报文被复制一份处理,可以后续流程
  24. case RX_HANDLER_PASS:
  25. break;
  26. default:
  27. BUG();
  28. }
  29. }
  30. static rx_handler_result_t macvlan_handle_frame(struct sk_buff **pskb)
  31. struct macvlan_port *port = macvlan_port_get_rcu(skb->dev);
  32. rcu_dereference(dev->rx_handler_data);
  33. //组播/广播处理流程
  34. if (is_multicast_ether_addr(eth->h_dest)) {
  35. skb = ip_check_defrag(skb, IP_DEFRAG_MACVLAN);
  36. if (!skb)
  37. return RX_HANDLER_CONSUMED;
  38. eth = eth_hdr(skb);
  39. macvlan_forward_source(skb, port, eth->h_source);
  40. //根据源mac到主接口的 vlan_hash 查找
  41. src = macvlan_hash_lookup(port, eth->h_source);
  42. if (src && src->mode != MACVLAN_MODE_VEPA &&
  43. src->mode != MACVLAN_MODE_BRIDGE) {
  44. /* forward to original port. */
  45. struct macvlan_dev *vlan = src;
  46. ret = macvlan_broadcast_one(skb, vlan, eth, 0) ?:netif_rx(skb);
  47. handle_res = RX_HANDLER_CONSUMED;
  48. goto out;
  49. }
  50. MACVLAN_SKB_CB(skb)->src = src;
  51. macvlan_broadcast_enqueue(port, skb);
  52. nskb = skb_clone(skb, GFP_ATOMIC);
  53. //将skb复制一份,存入队列
  54. if (skb_queue_len(&port->bc_queue) < MACVLAN_BC_QUEUE_LEN) {
  55. __skb_queue_tail(&port->bc_queue, nskb);
  56. //bc_work 为 macvlan_process_broadcast,从队列取出报文,根据macvlan mode进行转发
  57. schedule_work(&port->bc_work);
  58. return RX_HANDLER_PASS;
  59. }
  60. //单播处理流程
  61. macvlan_forward_source(skb, port, eth->h_source);
  62. if (port->passthru)
  63. //list_first_or_null_rcu 获取链表的第一个元素,对于 passthru 模式来说,也只有一个 macvlan 子接口
  64. vlan = list_first_or_null_rcu(&port->vlans, struct macvlan_dev, list);
  65. else
  66. //根据目的mac 到父接口的 hash 链表 vlan_hash 中查找是否有匹配的macvlan子接口的mac
  67. vlan = macvlan_hash_lookup(port, eth->h_dest);
  68. //如果没有找到合适的macvlan子接口,则返回 RX_HANDLER_PASS,表明此报文没有被macvlan处理,可以继续后面协议栈流程
  69. if (vlan == NULL)
  70. return RX_HANDLER_PASS;
  71. //目的地是此设备,但是设备是down的,则释放skb,并返回RX_HANDLER_CONSUMED,表明报文已经被释放
  72. dev = vlan->dev;
  73. if (unlikely(!(dev->flags & IFF_UP))) {
  74. kfree_skb(skb);
  75. return RX_HANDLER_CONSUMED;
  76. }
  77. len = skb->len + ETH_HLEN;
  78. skb = skb_share_check(skb, GFP_ATOMIC);
  79. if (!skb) {
  80. ret = NET_RX_DROP;
  81. handle_res = RX_HANDLER_CONSUMED;
  82. goto out;
  83. }
  84. //将真正的目的设备 dev 赋给 skb->dev
  85. skb->dev = dev;
  86. //表明报文是发给本机的
  87. skb->pkt_type = PACKET_HOST;
  88. ret = NET_RX_SUCCESS;
  89. //说明报文找到了目的地,需要重新走一遍协议栈
  90. handle_res = RX_HANDLER_ANOTHER;
  91. out:
  92. //增加报文计数
  93. macvlan_count_rx(vlan, len, ret == NET_RX_SUCCESS, false);
  94. return handle_res;
  95. #组播/广播处理流程
  96. static void macvlan_process_broadcast(struct work_struct *w)
  97. struct macvlan_port *port = container_of(w, struct macvlan_port, bc_work);
  98. struct sk_buff *skb;
  99. struct sk_buff_head list;
  100. __skb_queue_head_init(&list);
  101. //将链表port->bc_queue上的报文全部删除,存入本地链表 list
  102. spin_lock_bh(&port->bc_queue.lock);
  103. skb_queue_splice_tail_init(&port->bc_queue, &list);
  104. spin_unlock_bh(&port->bc_queue.lock);
  105. //从本地链表list中循环取出报文进行转发
  106. while ((skb = __skb_dequeue(&list))) {
  107. const struct macvlan_dev *src = MACVLAN_SKB_CB(skb)->src;
  108. rcu_read_lock();
  109. //src为空,说明报文是从外部主机发过来的,此时,如果macvlan子接口都可以收到此
  110. //报文(目的mac还得满足 vlan->mc_filter)
  111. if (!src)
  112. //外部来的报文,不会发送到模式为 source 的macvlan子接口
  113. /* frame comes from an external address */
  114. macvlan_broadcast(skb, port, NULL,
  115. MACVLAN_MODE_PRIVATE |
  116. MACVLAN_MODE_VEPA |
  117. MACVLAN_MODE_PASSTHRU|
  118. MACVLAN_MODE_BRIDGE);
  119. //如果src不为空,说明是本机发出去的报文,经过外面交换机处理后又收到了。
  120. //如果发送此报文的macvlan子接口模式为 MACVLAN_MODE_VEPA,则将
  121. //报文发送给模式为 MACVLAN_MODE_VEPA 和 MACVLAN_MODE_BRIDGE 的macvlan子接口
  122. else if (src->mode == MACVLAN_MODE_VEPA)
  123. /* flood to everyone except source */
  124. macvlan_broadcast(skb, port, src->dev, MACVLAN_MODE_VEPA | MACVLAN_MODE_BRIDGE);
  125. else
  126. /*
  127. * flood only to VEPA ports, bridge ports
  128. * already saw the frame on the way out.
  129. */
  130. //如果发送此报文的macvlan子接口模式不为 MACVLAN_MODE_VEPA,则将
  131. //报文发送给模式为 MACVLAN_MODE_VEPA 的 macvlan 子接口
  132. macvlan_broadcast(skb, port, src->dev, MACVLAN_MODE_VEPA);
  133. rcu_read_unlock();
  134. kfree_skb(skb);
  135. }
  136. static void macvlan_broadcast(struct sk_buff *skb, const struct macvlan_port *port,
  137. struct net_device *src, enum macvlan_mode mode)
  138. {
  139. const struct ethhdr *eth = eth_hdr(skb);
  140. const struct macvlan_dev *vlan;
  141. struct sk_buff *nskb;
  142. unsigned int i;
  143. int err;
  144. unsigned int hash;
  145. if (skb->protocol == htons(ETH_P_PAUSE))
  146. return;
  147. for (i = 0; i < MACVLAN_HASH_SIZE; i++) {
  148. hlist_for_each_entry_rcu(vlan, &port->vlan_hash[i], hlist) {
  149. if (vlan->dev == src || !(vlan->mode & mode))
  150. continue;
  151. hash = mc_hash(vlan, eth->h_dest);
  152. //目的mac得匹配vlan->mc_filter,对于ipv4广播来说,已经设置好了。
  153. //对于ipv4组播和ipv6组播,需要使能混杂模式或者allmulticast。
  154. if (!test_bit(hash, vlan->mc_filter))
  155. continue;
  156. err = NET_RX_DROP;
  157. nskb = skb_clone(skb, GFP_ATOMIC);
  158. if (likely(nskb))
  159. err = macvlan_broadcast_one(nskb, vlan, eth, mode == MACVLAN_MODE_BRIDGE) ?: netif_rx_ni(nskb);
  160. macvlan_count_rx(vlan, skb->len + ETH_HLEN,
  161. err == NET_RX_SUCCESS, true);
  162. }
  163. }
  164. }
  1. 报文发送流程
    从macvlan虚接口发送报文时,调用函数macvlan_start_xmit

  1. static netdev_tx_t macvlan_start_xmit(struct sk_buff *skb, struct net_device *dev)
  2. {
  3. unsigned int len = skb->len;
  4. int ret;
  5. struct macvlan_dev *vlan = netdev_priv(dev);
  6. if (unlikely(netpoll_tx_running(dev)))
  7. return macvlan_netpoll_send_skb(vlan, skb);
  8. //和网卡offload相关的,暂时不看
  9. if (vlan->fwd_priv) {
  10. skb->dev = vlan->lowerdev;
  11. ret = dev_queue_xmit_accel(skb, vlan->fwd_priv);
  12. } else {//直接看这个流程
  13. ret = macvlan_queue_xmit(skb, dev);
  14. }
  15. if (likely(ret == NET_XMIT_SUCCESS || ret == NET_XMIT_CN)) {
  16. struct vlan_pcpu_stats *pcpu_stats;
  17. pcpu_stats = this_cpu_ptr(vlan->pcpu_stats);
  18. u64_stats_update_begin(&pcpu_stats->syncp);
  19. pcpu_stats->tx_packets++;
  20. pcpu_stats->tx_bytes += len;
  21. u64_stats_update_end(&pcpu_stats->syncp);
  22. } else {
  23. this_cpu_inc(vlan->pcpu_stats->tx_dropped);
  24. }
  25. return ret;
  26. }
  27. 在bridge模式下,如果是广播/组播,则将报文发送给其他所
  28. 有macvlan子接口,然后从父接口发送出去。如果是单播,则
  29. 查找目的mac是否为其他macvlan子接口的地址,如果找到
  30. 了,则发送给这个子接口,不再通过父接口发送出去。如果
  31. 查找不到,说明是外部的报文,需要跳转到xmit_world,通过
  32. 父接口发送到外部。
  33. 其他模式下,直接从父接口发送出去。
  34. static int macvlan_queue_xmit(struct sk_buff *skb, struct net_device *dev)
  35. {
  36. const struct macvlan_dev *vlan = netdev_priv(dev);
  37. const struct macvlan_port *port = vlan->port;
  38. const struct macvlan_dev *dest;
  39. //macvlan 为 bridge 模式
  40. if (vlan->mode == MACVLAN_MODE_BRIDGE) {
  41. const struct ethhdr *eth = (void *)skb->data;
  42. //如果是目的mac为组播,则需要转发给同一个父接口上的其他所有macvlan子接口,不包括本身,也不包括父接口
  43. //最后还有跳转到xmit_world,通过父接口发送到外部
  44. /* send to other bridge ports directly */
  45. if (is_multicast_ether_addr(eth->h_dest)) {
  46. macvlan_broadcast(skb, port, dev, MACVLAN_MODE_BRIDGE);
  47. goto xmit_world;
  48. }
  49. //如果是目的mac为单播,则查找目的mac是否为其他macvlan子接口的地址,如果找到了,则发送给这个子接口,不再通过父接口发送出去。
  50. //如果查找不到,说明是外部的报文,需要跳转到xmit_world,通过父接口发送到外部
  51. dest = macvlan_hash_lookup(port, eth->h_dest);
  52. if (dest && dest->mode == MACVLAN_MODE_BRIDGE) {
  53. /* send to lowerdev first for its network taps */
  54. dev_forward_skb(vlan->lowerdev, skb);
  55. return NET_XMIT_SUCCESS;
  56. }
  57. }
  58. xmit_world:
  59. skb->dev = vlan->lowerdev;
  60. return dev_queue_xmit(skb);
  61. }

也可参考:macvlan源码分析 - 简书 (jianshu.com) 

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/很楠不爱3/article/detail/722313
推荐阅读
相关标签
  

闽ICP备14008679号