| blob | d1726ba3450a74f01cb78c11205410be838e4154 |
1 /* Copyright (c) 2017, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
4 #define SCHEDULER_KIST_PRIVATE
6 #include <event2/event.h>
13 #define TOR_CHANNEL_INTERNAL_
16 #define SCHEDULER_PRIVATE_
19 #define TLS_PER_CELL_OVERHEAD 29
21 #ifdef HAVE_KIST_SUPPORT
22 /* Kernel interface needed for KIST. */
23 #include <netinet/tcp.h>
24 #include <linux/sockios.h>
27 /*****************************************************************************
28 * Data structures and supporting functions
29 *****************************************************************************/
31 /* Socket_table hash table stuff. The socket_table keeps track of per-socket
32 * limit information imposed by kist and used by kist. */
34 static uint32_t
36 {
38 }
40 static unsigned
42 {
44 }
51 socket_table_ent_eq)
55 /* outbuf_table hash table stuff. The outbuf_table keeps track of which
56 * channels have data sitting in their outbuf so the kist scheduler can force
57 * a write from outbuf to kernel periodically during a run and at the end of a
58 * run. */
65 static uint32_t
67 {
69 }
71 static unsigned
73 {
75 }
78 outbuf_table_ent_eq)
82 /*****************************************************************************
83 * Other internal data
84 *****************************************************************************/
86 /* Store the last time the scheduler was run so we can decide when to next run
87 * the scheduler based on it. */
89 /* This is a factor for the extra_space calculation in kist per-socket limits.
90 * It is the number of extra congestion windows we want to write to the kernel.
91 */
93 /* How often the scheduler runs. */
96 #ifdef HAVE_KIST_SUPPORT
97 /* Indicate if KIST lite mode is on or off. We can disable it at runtime.
98 * Important to have because of the KISTLite -> KIST possible transition. */
100 /* Indicate if we don't have the kernel support. This can happen if the kernel
101 * changed and it doesn't recognized the values passed to the syscalls needed
102 * by KIST. In that case, fallback to the naive approach. */
108 /*****************************************************************************
109 * Internally called function implementations
110 *****************************************************************************/
112 /* Little helper function to get the length of a channel's output buffer */
115 {
116 /* In theory, this can not happen because we can not scheduler a channel
117 * without a connection that has its outbuf initialized. Just in case, bug
118 * on this so we can understand a bit more why it happened. */
121 }
123 }
125 /* Little helper function for HT_FOREACH_FN. */
126 static int
128 {
132 }
134 /* Free the given outbuf table entry ent. */
135 static int
137 {
143 }
145 /* Free the given socket table entry ent. */
146 static int
148 {
154 }
156 /* Clean up socket_table. Probably because the KIST sched impl is going away */
157 static void
159 {
162 }
166 {
171 }
173 /* Free a socket entry in table for the given chan. */
174 static void
176 {
185 }
187 /* Perform system calls for the given socket in order to calculate kist's
188 * per-socket limit as documented in the function body. */
191 {
192 #ifdef HAVE_KIST_SUPPORT
201 }
203 /* Gather information */
206 /* Oops, this option is not provided by the kernel, we'll have to
207 * disable KIST entirely. This can happen if tor was built on a machine
208 * with the support previously or if the kernel was updated and lost the
209 * support. */
211 "for KIST anymore. We will fallback to the naive "
212 "approach. Remove KIST from the Schedulers list "
215 }
217 }
221 "for KIST anymore. We will fallback to the naive "
222 "approach. Remove KIST from the Schedulers list "
224 /* Same reason as the above. */
226 }
228 }
233 /* In order to reduce outbound kernel queuing delays and thus improve Tor's
234 * ability to prioritize circuits, KIST wants to set a socket write limit
235 * that is near the amount that the socket would be able to immediately send
236 * into the Internet.
237 *
238 * We first calculate how much the socket could send immediately (assuming
239 * completely full packets) according to the congestion window and the number
240 * of unacked packets.
241 *
242 * Then we add a little extra space in a controlled way. We do this so any
243 * when the kernel gets ACKs back for data currently sitting in the "TCP
244 * space", it will already have some more data to send immediately. It will
245 * not have to wait for the scheduler to run again. The amount of extra space
246 * is a factor of the current congestion window. With the suggested
247 * sock_buf_size_factor value of 1.0, we allow at most 2*cwnd bytes to sit in
248 * the kernel: 1 cwnd on the wire waiting for ACKs and 1 cwnd ready and
249 * waiting to be sent when those ACKs finally come.
250 *
251 * In the below diagram, we see some bytes in the TCP-space (denoted by '*')
252 * that have be sent onto the wire and are waiting for ACKs. We have a little
253 * more room in "TCP space" that we can fill with data that will be
254 * immediately sent. We also see the "extra space" KIST calculates. The sum
255 * of the empty "TCP space" and the "extra space" is the kist-imposed write
256 * limit for this socket.
257 *
258 * <----------------kernel-outbound-socket-queue----------------|
259 * <*********---------------------------------------------------|
260 * |----TCP-space-----|----extra-space-----|
261 * |------------------|
262 * ^ ((cwnd - unacked) * mss) bytes
263 * |--------------------|
264 * ^ ((cwnd * mss) * factor) bytes
265 */
267 /* Assuming all these values from the kernel are uint32_t still, they will
268 * always fit into a int64_t tcp_space variable. */
272 }
274 /* The clamp_double_to_int64 makes sure the first part fits into an int64_t.
275 * In fact, if sock_buf_size_factor is still forced to be >= 0 in config.c,
276 * then it will be positive for sure. Then we subtract a uint32_t. At worst
277 * we end up negative, but then we just set extra_space to 0 in the sanity
278 * check.*/
279 extra_space =
285 }
287 /* Finally we set the limit. Adding two positive int64_t together will always
288 * fit in an uint64_t. */
296 fallback:
297 /* If all of a sudden we don't have kist support, we just zero out all the
298 * variables for this socket since we don't know what they should be.
299 * We also effectively allow the socket write as much as it wants to the
300 * kernel, effectively returning it to vanilla scheduler behavior. Writes
301 * are still limited by the lower layers of Tor: socket blocking, full
302 * outbuf, etc. */
305 }
307 /* Given a socket that isn't in the table, add it.
308 * Given a socket that is in the table, re-init values that need init-ing
309 * every scheduling run
310 */
311 static void
313 {
322 }
324 }
326 /* Add chan to the outbuf table if it isn't already in it. If it is, then don't
327 * do anything */
328 static void
330 {
340 }
341 }
343 static void
345 {
352 }
353 }
355 /* Set the scheduler running interval. */
356 static void
358 {
365 }
366 }
368 /* Return true iff the channel hasn’t hit its kist-imposed write limit yet */
369 static int
371 {
376 }
378 /* We previously calculated a write limit for this socket. In the below
379 * calculation, first determine how much room is left in bytes. Then divide
380 * that by the amount of space a cell takes. If there's room for at least 1
381 * cell, then KIST will allow the socket to write. */
386 }
388 /* Update the channel's socket kernel information. */
389 static void
391 {
396 }
398 }
400 /* Increment the channel's socket written value by the number of bytes. */
401 static void
403 {
408 }
414 }
416 /*
417 * A naive KIST impl would write every single cell all the way to the kernel.
418 * That would take a lot of system calls. A less bad KIST impl would write a
419 * channel's outbuf to the kernel only when we are switching to a different
420 * channel. But if we have two channels with equal priority, we end up writing
421 * one cell for each and bouncing back and forth. This KIST impl avoids that
422 * by only writing a channel's outbuf to the kernel if it has 8 cells or more
423 * in it.
424 */
427 {
429 /* CELL_MAX_NETWORK_SIZE * 8 because we only want to write the outbuf to the
430 * kernel if there's 8 or more cells waiting */
432 }
434 /* Little helper function to write a channel's outbuf all the way to the
435 * kernel */
437 {
442 }
444 /* Return true iff the scheduler has work to perform. */
445 static int
447 {
451 }
453 }
455 /* Function of the scheduler interface: free_all() */
456 static void
458 {
460 }
462 /* Function of the scheduler interface: on_channel_free() */
463 static void
465 {
467 }
469 /* Function of the scheduler interface: on_new_consensus() */
470 static void
473 {
478 }
480 /* Function of the scheduler interface: on_new_options() */
481 static void
483 {
486 /* Calls kist_scheduler_run_interval which calls get_options(). */
488 }
490 /* Function of the scheduler interface: init() */
491 static void
493 {
494 /* When initializing the scheduler, the last run could be 0 because it is
495 * declared static or a value in the past that was set when it was last
496 * used. In both cases, we want to initialize it to now so we don't risk
497 * using the value 0 which doesn't play well with our monotonic time
498 * interface.
499 *
500 * One side effect is that the first scheduler run will be at the next tick
501 * that is in now + 10 msec (KIST_SCHED_RUN_INTERVAL_DEFAULT) by default. */
507 "KISTSchedRunInterval is telling us to not use KIST. That's "
509 KIST_SCHED_RUN_INTERVAL_DEFAULT);
511 }
512 }
514 /* Function of the scheduler interface: schedule() */
515 static void
517 {
524 }
527 /* If time is really monotonic, we can never have now being smaller than the
528 * last scheduler run. The scheduler_last_run at first is set to 0. */
532 }
535 /* Takes 1000 ms -> us. This will always be valid because diff can NOT be
536 * negative and can NOT be bigger than sched_run_interval so values can
537 * only go from 1000 usec (diff set to interval - 1) to 100000 usec (diff
538 * set to 0) for the maximum allowed run interval (100ms). */
540 /* Re-adding an event reschedules it. It does not duplicate it. */
544 }
545 }
547 /* Function of the scheduler interface: run() */
548 static void
550 {
551 /* Define variables */
553 /* The last distinct chan served in a sched loop. */
556 /* Channels to be re-adding to pending at the end */
562 /* For each pending channel, collect new kernel information */
571 /* The main scheduling loop. Loop until there are no more pending channels */
573 /* get best channel */
577 /* Some-freaking-how a NULL got into the channels_pending. That should
578 * never happen, but it should be harmless to ignore it and keep looping.
579 */
581 }
584 /* if we have switched to a new channel, consider writing the previous
585 * channel's outbuf to the kernel. */
588 }
593 }
595 }
597 /* Only flush and write if the per-socket limit hasn't been hit */
599 /* flush to channel queue/outbuf */
601 /* XXX: While flushing cells, it is possible that the connection write
602 * fails leading to the channel to be closed which triggers a release
603 * and free its entry in the socket table. And because of a engineering
604 * design issue, the error is not propagated back so we don't get an
605 * error at this poin. So before we continue, make sure the channel is
606 * open and if not just ignore it. See #23751. */
609 }
610 /* flush_result has the # cells flushed */
615 /* XXX: This can happen because tor sometimes does flush in an
616 * opportunistic way cells from the circuit to the outbuf so the
617 * channel can end up here without having anything to flush nor needed
618 * to write to the kernel. Hopefully we'll fix that soon but for now
619 * we have to handle this case which happens kind of often. */
621 "We didn't flush anything on a chan that we think "
622 "can write and wants to write. The channel's state is '%s' "
623 "and in scheduler state %d. We're going to mark it as "
624 "waiting_for_cells (as that's most likely the issue) and "
630 }
631 }
633 /* Decide what to do with the channel now */
638 /* Case 1: no more cells to send, and cannot write */
640 /*
641 * You might think we should put the channel in SCHED_CHAN_IDLE. And
642 * you're probably correct. While implementing KIST, we found that the
643 * scheduling system would sometimes lose track of channels when we did
644 * that. We suspect it has to do with the difference between "can't
645 * write because socket/outbuf is full" and KIST's "can't write because
646 * we've arbitrarily decided that that's enough for now." Sometimes
647 * channels run out of cells at the same time they hit their
648 * kist-imposed write limit and maybe the rest of Tor doesn't put the
649 * channel back in pending when it is supposed to.
650 *
651 * This should be investigated again. It is as simple as changing
652 * SCHED_CHAN_WAITING_FOR_CELLS to SCHED_CHAN_IDLE and seeing if Tor
653 * starts having serious throughput issues. Best done in shadow/chutney.
654 */
660 /* Case 2: no more cells to send, but still open for writes */
667 /* Case 3: cells to send, but cannot write */
669 /*
670 * We want to write, but can't. If we left the channel in
671 * channels_pending, we would never exit the scheduling loop. We need to
672 * add it to a temporary list of channels to be added to channels_pending
673 * after the scheduling loop is over. They can hopefully be taken care of
674 * in the next scheduling round.
675 */
679 }
685 /* Case 4: cells to send, and still open for writes */
690 }
693 /* Write the outbuf of any channels that still have data */
695 NULL);
696 /* We are done with it. */
704 /* Re-add any channels we need to */
711 }
714 }
717 }
719 /*****************************************************************************
720 * Externally called function implementations not called through scheduler_t
721 *****************************************************************************/
723 /* Stores the kist scheduler function pointers. */
733 };
735 /* Return the KIST scheduler object. If it didn't exists, return a newly
736 * allocated one but init() is not called. */
737 scheduler_t *
739 {
741 }
743 /* Check the torrc (and maybe consensus) for the configured KIST scheduler run
744 * interval.
745 * - If torrc > 0, then return the positive torrc value (should use KIST, and
746 * should use the set value)
747 * - If torrc == 0, then look in the consensus for what the value should be.
748 * - If == 0, then return 0 (don't use KIST)
749 * - If > 0, then return the positive consensus value
750 * - If consensus doesn't say anything, return 10 milliseconds, default.
751 */
752 int
754 {
761 }
765 /* Will either be the consensus value or the default. Note that 0 can be
766 * returned which means the consensus wants us to NOT use KIST. */
768 KIST_SCHED_RUN_INTERVAL_DEFAULT,
769 KIST_SCHED_RUN_INTERVAL_MIN,
770 KIST_SCHED_RUN_INTERVAL_MAX);
771 }
773 /* Set KISTLite mode that is KIST without kernel support. */
774 void
776 {
781 }
783 /* Set KIST mode that is KIST with kernel support. */
784 void
786 {
791 }
793 #ifdef HAVE_KIST_SUPPORT
795 /* Return true iff the scheduler subsystem should use KIST. */
796 int
798 {
800 /* We have no kernel support so we can't use KIST. */
802 }
804 /* We do have the support, time to check if we can get the interval that the
805 * consensus can be disabling. */
811 }
815 int
817 {
819 }