Hi,
I'm using many u32 rules to match single IP addresses which then get
shaped using HFSC. Rules continually get added and removed as our DSL
clients authenticat or disconnect.
The initial problem I had was a 'tc filter del' only deletes rules
reliably by referring to the rule's handle. From the cls_u32.c code its
apparent the lower part of the handle can range from 0x800 to 0xfff so I
use hash buckets to allow more than 2048 rules (hashing on the last
octet).
The next problem is that the code allocates the 'next highest' handle
available:
static u32 gen_new_kid(struct tc_u_hnode *ht, u32 handle)
{
struct tc_u_knode *n;
unsigned i = 0x7FF;
for (n=ht->ht[TC_U32_HASH(handle)]; n; n = n->next)
if (i < TC_U32_NODE(n->handle))
i = TC_U32_NODE(n->handle);
i++;
return handle|(i>0xFFF ? 0xFFF : i);
}
Over time this reaches 0xfff, and multiple rules then exist with the
same handle. I've hacked some (rather ugly) code together to allocate
the lowest available handle instead:
static u32 gen_new_kid(struct tc_u_hnode *ht, u32 handle)
{
struct tc_u_knode *n;
unsigned i;
int bit;
char avec[256];
memset(avec, 0, sizeof(avec));
for (n=ht->ht[TC_U32_HASH(handle)]; n; n = n->next)
{
i = TC_U32_NODE(n->handle);
if (i >= 0x800 && i <= 0xFFF)
{
bit = i - 0x800;
avec[bit / 8] |= 1 << (bit % 8);
}
}
for (i = 0x800; i < 0xFFF; i++)
{
bit = i - 0x800;
if (!(avec[bit / 8] & (1 << (bit % 8))))
break;
}
return handle|(i>0xFFF ? 0xFFF : i);
}
This seems to work using some basic testing, but when running over a
long period of time I'm getting kernel crashes. It is possible for
more than one 'filter add' or 'filter del' to be running in parallel
(this is on an SMP server running 2.6.11-rc2-mm2).
Can anyone suggest why this might be causing Oopes or a better way of
allocating handles? Otherwise, is there an easier way of managing tc
filter rules that I'm missing?
Regards,
Shaun Sharples
