From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-ve1eur01on0063.outbound.protection.outlook.com [104.47.1.63]) by dpdk.org (Postfix) with ESMTP id 2FB7C239 for ; Sat, 27 Oct 2018 00:43:01 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Mellanox.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pQhHr67SNZpuMz9iO2LpjljUMS2ocqNq01osbgSuSUg=; b=Cynj0gz9Dp7XPI/w4BSXuaXlfxChtxZBUcaK4LNBnT5muB4FYuFl2jbSFr6EAMf24obAfHX3fcKxrheog5DE5PGG6f6lKkTFBf/lw+RXP1elAw0hmt/3t9+8G/FjIhG3me7iHIl6EOQ7RrhEkOf+udNgkRuLTqnpSDBE8WOE4Do= Received: from DB3PR0502MB3980.eurprd05.prod.outlook.com (52.134.72.27) by DB3PR0502MB3996.eurprd05.prod.outlook.com (52.134.65.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1273.21; Fri, 26 Oct 2018 22:42:58 +0000 Received: from DB3PR0502MB3980.eurprd05.prod.outlook.com ([fe80::f8a1:fcab:94f0:97cc]) by DB3PR0502MB3980.eurprd05.prod.outlook.com ([fe80::f8a1:fcab:94f0:97cc%4]) with mapi id 15.20.1273.025; Fri, 26 Oct 2018 22:42:58 +0000 From: Yongseok Koh To: Slava Ovsiienko CC: Shahaf Shuler , "dev@dpdk.org" Thread-Topic: [PATCH v2 5/7] net/mlx5: e-switch VXLAN tunnel devices management Thread-Index: AQHUZJFa0Xzb/HBSQ0ye9aegR3x2F6UutK6AgAHCugCAADMzgIAAqrMAgADcAQA= Date: Fri, 26 Oct 2018 22:42:58 +0000 Message-ID: <20181026224248.GE13615@mtidpdk.mti.labs.mlnx> References: <1538461807-37507-1-git-send-email-viacheslavo@mellanox.com> <1539612815-47199-1-git-send-email-viacheslavo@mellanox.com> <1539612815-47199-6-git-send-email-viacheslavo@mellanox.com> <20181025002759.GA26874@mtidpdk.mti.labs.mlnx> <20181026062307.GD6434@mtidpdk.mti.labs.mlnx> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: BYAPR01CA0043.prod.exchangelabs.com (2603:10b6:a03:94::20) To DB3PR0502MB3980.eurprd05.prod.outlook.com (2603:10a6:8:10::27) authentication-results: spf=none (sender IP is ) smtp.mailfrom=yskoh@mellanox.com; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [209.116.155.178] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; DB3PR0502MB3996; 6:9BWBu6UpD0Cwc8b7aSuErC4erUw2+CJ38ZQCAQySq2omfrn6VyhIsrqcIMy64wWMpn2eiiCpNhmIlCXhTPDZamDt37/1afBjQMw1k0HAxkAYdMLLBbSAr9V6kNqm9A5cw2WGhHFsokhG18FpJd1jsCwhb49Up+DZK7UkSUZZm7WcHXs4FsJCcfij7sHIiiseuNwKFxw/Hm980kScTaCUEtpbvIBooCiLAvlhYi5kDgTSR9z29lveEYbiRT1tpvCBjPog7TCqhIvj3HSm4uNSyIlgDvXfuZ5rbg6m1fobwR12tyJjNacb1s9e7YZSfgSDMgN7rlabLnndqi6AiaTDwDMQOeizFppi79NuFOlNAb/xiSljJ5NZq35Q3ynRNLpABwjIHxxsedeRMrZMFqXl2wPD68TRIFqcX5hbBddcsnBBwLCgi9aH5+R5NINxEWqLptunToouaTrKwfY43hkzAQ==; 5:/KRpdLNgavSD7hdGaGEDYjCuoIHl1Flo7w9q0GqQD85x2uyGp/CtfOEaHZ9iNHNw/ix9yJwvW0w3cQunRRRjMeSShm40xyYy1pg1tj50XUSyZc9p8qTCuLHKsFhzF2sJkfclwWV71+2nxm1XF5uUM6OO9JUM95kIZ6HpaP081AM=; 7:xMuQqHeuY35FKMDRS3hEKca/rmKYD0xdZHXXUSFiVwcDcEGlwQClxabLMkrdhBsvpo+rhiG5VfJHPxaQqcMG47maIhvLHpN5VTuuidC0reUCQ3Z+Xabm51HJutQsPWYf1KNyCFpLg/IeBGIWk2VaCg== x-ms-office365-filtering-correlation-id: a539d9ce-9311-4820-771d-08d63b946063 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(5600074)(711020)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:DB3PR0502MB3996; x-ms-traffictypediagnostic: DB3PR0502MB3996: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(211171220733660)(788757137089); x-ms-exchange-senderadcheck: 1 x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3231355)(944501410)(52105095)(3002001)(10201501046)(93006095)(93001095)(6055026)(148016)(149066)(150057)(6041310)(20161123560045)(20161123564045)(20161123562045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699051)(76991095); SRVR:DB3PR0502MB3996; BCL:0; PCL:0; RULEID:; SRVR:DB3PR0502MB3996; x-forefront-prvs: 083751FCA6 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(136003)(39860400002)(346002)(396003)(376002)(13464003)(189003)(199004)(52314003)(3846002)(1076002)(6116002)(25786009)(6862004)(478600001)(4326008)(5660300001)(53936002)(2906002)(97736004)(5024004)(14444005)(256004)(54906003)(86362001)(106356001)(105586002)(6246003)(486006)(476003)(5250100002)(11346002)(446003)(7736002)(68736007)(316002)(6636002)(305945005)(33896004)(76176011)(52116002)(102836004)(8936002)(9686003)(6512007)(33656002)(6486002)(99286004)(71200400001)(561944003)(386003)(53546011)(4744004)(8676002)(81156014)(81166006)(53946003)(71190400001)(186003)(6436002)(93886005)(6506007)(14454004)(66066001)(26005)(2900100001)(229853002)(579004)(569006); DIR:OUT; SFP:1101; SCL:1; SRVR:DB3PR0502MB3996; H:DB3PR0502MB3980.eurprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: mellanox.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: GRa+eE0GzWFn948Q6axuTAJjibhGAjh8fXUUoKKRn1j2MdubTL4l9tI9XrKV0XCQssqUCT7PXVa8sUDVEB/p1lxJtKLrj+zt/iNlMc7y3I884gEgr4M8w47a4o6/f9LJdeepIFQEDt6wewDaFixtuxkXcF1/ZWzjT/jhHA5BZjhO0i2u+N5zAoQOdGJw/lKqkq0wAMGYbtTWcitz1FAwNiX6X2C84GnejtCmB7XazGJOXPW/9cmDh8xfsNIfRPHCUFWSGAdDL80J8OQgfwVUDoVf3joQBdCyiw4suF624KfRm4rIh3gVmu0PxbT8OHmRd/WsAGf3M5lQykubVggojNCPrzIF5zJjth2Pj0/wXxY= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="us-ascii" Content-ID: <71864D68D340644B81D1F7883257E352@eurprd05.prod.outlook.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: Mellanox.com X-MS-Exchange-CrossTenant-Network-Message-Id: a539d9ce-9311-4820-771d-08d63b946063 X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Oct 2018 22:42:58.5278 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: a652971c-7d2e-4d9b-a6a4-d149256f461b X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR0502MB3996 Subject: Re: [dpdk-dev] [PATCH v2 5/7] net/mlx5: e-switch VXLAN tunnel devices management X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Oct 2018 22:43:01 -0000 On Fri, Oct 26, 2018 at 02:35:24AM -0700, Slava Ovsiienko wrote: > > -----Original Message----- > > From: Yongseok Koh > > Sent: Friday, October 26, 2018 9:26 > > To: Slava Ovsiienko > > Cc: Shahaf Shuler ; dev@dpdk.org > > Subject: Re: [PATCH v2 5/7] net/mlx5: e-switch VXLAN tunnel devices > > management > >=20 > > On Thu, Oct 25, 2018 at 01:21:12PM -0700, Slava Ovsiienko wrote: > > > > -----Original Message----- > > > > From: Yongseok Koh > > > > Sent: Thursday, October 25, 2018 3:28 > > > > To: Slava Ovsiienko > > > > Cc: Shahaf Shuler ; dev@dpdk.org > > > > Subject: Re: [PATCH v2 5/7] net/mlx5: e-switch VXLAN tunnel devices > > > > management > > > > > > > > On Mon, Oct 15, 2018 at 02:13:33PM +0000, Viacheslav Ovsiienko wrot= e: > > > > > VXLAN interfaces are dynamically created for each local UDP port > > > > > of outer networks and then used as targets for TC "flower" filter= s > > > > > in order to perform encapsulation. These VXLAN interfaces are > > > > > system-wide, the only one device with given UDP port can exist in > > > > > the system (the attempt of creating another device with the same > > > > > UDP local port returns EEXIST), so PMD should support the shared > > > > > device instances database for PMD instances. These VXLAN > > > > > implicitly created devices are called VTEPs (Virtual Tunnel End P= oints). > > > > > > > > > > Creation of the VTEP occurs at the moment of rule applying. The > > > > > link is set up, root ingress qdisc is also initialized. > > > > > > > > > > Encapsulation VTEPs are created on per port basis, the single VTE= P > > > > > is attached to the outer interface and is shared for all > > > > > encapsulation rules on this interface. The source UDP port is > > > > > automatically selected in range 30000-60000. > > > > > > > > > > For decapsulaton one VTEP is created per every unique UDP local > > > > > port to accept tunnel traffic. The name of created VTEP consists > > > > > of prefix "vmlx_" and the number of UDP port in decimal digits > > > > > without leading zeros (vmlx_4789). The VTEP can be preliminary > > > > > created in the system before the launching > > > > > application, it allows to share UDP ports between primary > > > > > and secondary processes. > > > > > > > > > > Suggested-by: Adrien Mazarguil > > > > > Signed-off-by: Viacheslav Ovsiienko > > > > > --- > > > > > drivers/net/mlx5/mlx5_flow_tcf.c | 503 > > > > > ++++++++++++++++++++++++++++++++++++++- > > > > > 1 file changed, 499 insertions(+), 4 deletions(-) > > > > > > > > > > diff --git a/drivers/net/mlx5/mlx5_flow_tcf.c > > > > > b/drivers/net/mlx5/mlx5_flow_tcf.c > > > > > index d6840d5..efa9c3b 100644 > > > > > --- a/drivers/net/mlx5/mlx5_flow_tcf.c > > > > > +++ b/drivers/net/mlx5/mlx5_flow_tcf.c > > > > > @@ -3443,6 +3443,432 @@ struct pedit_parser { > > > > > return -err; > > > > > } > > > > > > > > > > +/* VTEP device list is shared between PMD port instances. */ > > > > > +static LIST_HEAD(, mlx5_flow_tcf_vtep) > > > > > + vtep_list_vxlan =3D LIST_HEAD_INITIALIZER(); static > > > > pthread_mutex_t > > > > > +vtep_list_mutex =3D PTHREAD_MUTEX_INITIALIZER; > > > > > > > > What's the reason for choosing pthread_mutex instead of rte_*_lock? > > > > > > The sharing this database for secondary processes? > >=20 > > The static variable isn't shared with sec proc. But you can leave it as= is. >=20 > Yes. The sharing just was assumed, not implemented yet. >=20 > >=20 > > > > > + > > > > > +/** > > > > > + * Deletes VTEP network device. > > > > > + * > > > > > + * @param[in] tcf > > > > > + * Context object initialized by mlx5_flow_tcf_context_create(= ). > > > > > + * @param[in] vtep > > > > > + * Object represinting the network device to delete. Memory > > > > > + * allocated for this object is freed by routine. > > > > > + */ > > > > > +static void > > > > > +flow_tcf_delete_iface(struct mlx6_flow_tcf_context *tcf, > > > > > + struct mlx5_flow_tcf_vtep *vtep) { > > > > > + struct nlmsghdr *nlh; > > > > > + struct ifinfomsg *ifm; > > > > > + alignas(struct nlmsghdr) > > > > > + uint8_t buf[mnl_nlmsg_size(MNL_ALIGN(sizeof(*ifm))) + 8]; > > > > > + int ret; > > > > > + > > > > > + assert(!vtep->refcnt); > > > > > + if (vtep->created && vtep->ifindex) { > > > > > > > > First of all vtep->created seems of no use. It is introduced to > > > > select the error message in flow_tcf_create_iface(). I don't see an= y > > > > necessity to distinguish between 'vtep is allocated by rte_malloc()= ' and > > 'vtep is created in kernel'. > > > > > > created flag indicates the iface is created by our code. > > > The VXLAN decap devices must have the specified UDP port, we can not > > > create multiple VXLAN devices with the same UDP port - EEXIST is > > > returned. So, we have to share device. One option is create device > > > before DPDK application launch and use these pre-created devices. > > > Inthis case created flag is not set and VXLAN device is not reinitial= ized, and > > not deleted. > >=20 > > I can't see any code to use pre-created device (created even before dpd= k app > > launch). Your code just tries to create 'vmlx_xxxx'. Even from your com= ment > > in [7/7] patch, PMD will cleanup any leftovers (existing vtep devices) = on > > initialization. Your comment sounds conflicting and confusing. >=20 > There are two types of VXLAN devices: >=20 > - VXLAN decap, not attached to any ifouter. Provides the ingress UDP port= , > we try to share the devices of this type, because we may be asked for > the specified UDP port. No device/rule cleanup and reinit needed. >=20 > - VXLAN encap, should be attached to ifouter to provide strict egress pat= h, > no need to share - egress UDP port does not matter. And we need to cleanu= p ifouter, > remove other attached VXLAN devices and rules, because it is too hard to > co-exist with some pre-created setup..=20 I knew that. But how can it justify the need of 'created' field in vtep str= uct? In this code, it is of no use. But will see how it is used in your v3. > > > > And why do you need to check vtep->ifindex as well? If vtep is > > > > created in kernel and its ifindex isn't set, that should be an erro= r > > > > which had to be hanled in flow_tcf_create_iface(). Such a vtep shou= ldn't > > exist. > > > Yes, if we did not get ifindex of device - vtep is not created, error= returned. > > > We just can not operate w/o ifindex. > >=20 > > I know ifindex is needed but my question was checking vtep->ifindex her= e > > looked redundant/unnecessary. But as you agreed on having > > create/get/release_iface(), it doesn't matter much. >=20 > Yes. I agree, will refactor the code. >=20 > >=20 > > > > Also, the refcnt management is a bit strange. Please put an > > > > abstraction by adding create_iface(), get_iface() and > > > > release_iface(). In the get_ifce(), > > > > vtep->refcnt should be incremented. And in the release_iface(), it > > > > vtep->decrease the > > > OK. Good proposal. I'll refactor the code. > > > > > > > refcnt and if it reaches to zero, the iface can be removed. > > > > create_iface() will set the refcnt to 1. And if you refer to > > > > mlx5_hrxq_get(), it even does searching the list not by repeating t= he > > same lookup code here and there. > > > > That will make your code much simpler. > > > > > > > > > + DRV_LOG(INFO, "VTEP delete (%d)", vtep->ifindex); > > > > > + nlh =3D mnl_nlmsg_put_header(buf); > > > > > + nlh->nlmsg_type =3D RTM_DELLINK; > > > > > + nlh->nlmsg_flags =3D NLM_F_REQUEST; > > > > > + ifm =3D mnl_nlmsg_put_extra_header(nlh, sizeof(*ifm)); > > > > > + ifm->ifi_family =3D AF_UNSPEC; > > > > > + ifm->ifi_index =3D vtep->ifindex; > > > > > + ret =3D flow_tcf_nl_ack(tcf, nlh, 0, NULL, NULL); > > > > > + if (ret) > > > > > + DRV_LOG(WARNING, "netlink: error deleting VXLAN > > > > " > > > > > + "encap/decap ifindex %u", > > > > > + ifm->ifi_index); > > > > > + } > > > > > + rte_free(vtep); > > > > > +} > > > > > + > > > > > +/** > > > > > + * Creates VTEP network device. > > > > > + * > > > > > + * @param[in] tcf > > > > > + * Context object initialized by mlx5_flow_tcf_context_create(= ). > > > > > + * @param[in] ifouter > > > > > + * Outer interface to attach new-created VXLAN device > > > > > + * If zero the VXLAN device will not be attached to any device= . > > > > > + * @param[in] port > > > > > + * UDP port of created VTEP device. > > > > > + * @param[out] error > > > > > + * Perform verbose error reporting if not NULL. > > > > > + * > > > > > + * @return > > > > > + * Pointer to created device structure on success, NULL otherwis= e > > > > > + * and rte_errno is set. > > > > > + */ > > > > > +#ifndef HAVE_IFLA_VXLAN_COLLECT_METADATA > > > > > > > > Why negative(ifndef) first intead of positive(ifdef)? > > > Hm. Did I miss the rule. Positive #ifdef first? OK. > >=20 > > No concrete rule but if there's no specific reason, it would be better = to start > > from ifdef. > >=20 > > > > > +static struct mlx5_flow_tcf_vtep* flow_tcf_create_iface(struct > > > > > +mlx5_flow_tcf_context *tcf __rte_unused, > > > > > + unsigned int ifouter __rte_unused, > > > > > + uint16_t port __rte_unused, > > > > > + struct rte_flow_error *error) { > > > > > + rte_flow_error_set(error, ENOTSUP, > > > > > + RTE_FLOW_ERROR_TYPE_UNSPECIFIED, NULL, > > > > > + "netlink: failed to create VTEP, " > > > > > + "VXLAN metadat is not supported by kernel"); > > > > > > > > Typo. > > > > > > OK. "metadata are not supported". > > > > > > > > > + return NULL; > > > > > +} > > > > > +#else > > > > > +static struct mlx5_flow_tcf_vtep* flow_tcf_create_iface(struct > > > > > +mlx5_flow_tcf_context *tcf, > > > > > > > > How about adding 'vtep'? It sounds vague - creating a general inter= face. > > > > E.g., flow_tcf_create_vtep_iface()? > > > > > > OK. > > > > > > > > > > > > + unsigned int ifouter, > > > > > + uint16_t port, struct rte_flow_error *error) { > > > > > + struct mlx5_flow_tcf_vtep *vtep; > > > > > + struct nlmsghdr *nlh; > > > > > + struct ifinfomsg *ifm; > > > > > + char name[sizeof(MLX5_VXLAN_DEVICE_PFX) + 24]; > > > > > + alignas(struct nlmsghdr) > > > > > + uint8_t buf[mnl_nlmsg_size(sizeof(*ifm)) + 128 + > > > > > > > > Use a macro for '128'. Can't know the meaning. > > > OK. I think we should calculate the buffer size explicitly. > > > > > > > > > > > > + SZ_NLATTR_DATA_OF(sizeof(name)) + > > > > > + SZ_NLATTR_NEST * 2 + > > > > > + SZ_NLATTR_STRZ_OF("vxlan") + > > > > > + SZ_NLATTR_DATA_OF(sizeof(uint32_t)) + > > > > > + SZ_NLATTR_DATA_OF(sizeof(uint32_t)) + > > > > > + SZ_NLATTR_DATA_OF(sizeof(uint16_t)) + > > > > > + SZ_NLATTR_DATA_OF(sizeof(uint8_t))]; > > > > > + struct nlattr *na_info; > > > > > + struct nlattr *na_vxlan; > > > > > + rte_be16_t vxlan_port =3D RTE_BE16(port); > > > > > > > > Use rte_cpu_to_be_*() instead. > > > > > > Yes, I'll recheck the whole code for this issue. > > > > > > > > > > > > + int ret; > > > > > + > > > > > + vtep =3D rte_zmalloc(__func__, sizeof(*vtep), > > > > > + alignof(struct mlx5_flow_tcf_vtep)); > > > > > + if (!vtep) { > > > > > + rte_flow_error_set > > > > > + (error, ENOMEM, > > > > RTE_FLOW_ERROR_TYPE_UNSPECIFIED, > > > > > + NULL, "unadble to allocate memory for VTEP desc"); > > > > > + return NULL; > > > > > + } > > > > > + *vtep =3D (struct mlx5_flow_tcf_vtep){ > > > > > + .refcnt =3D 0, > > > > > + .port =3D port, > > > > > + .created =3D 0, > > > > > + .ifouter =3D 0, > > > > > + .ifindex =3D 0, > > > > > + .local =3D LIST_HEAD_INITIALIZER(), > > > > > + .neigh =3D LIST_HEAD_INITIALIZER(), > > > > > + }; > > > > > + memset(buf, 0, sizeof(buf)); > > > > > + nlh =3D mnl_nlmsg_put_header(buf); > > > > > + nlh->nlmsg_type =3D RTM_NEWLINK; > > > > > + nlh->nlmsg_flags =3D NLM_F_REQUEST | NLM_F_CREATE | > > > > NLM_F_EXCL; > > > > > + ifm =3D mnl_nlmsg_put_extra_header(nlh, sizeof(*ifm)); > > > > > + ifm->ifi_family =3D AF_UNSPEC; > > > > > + ifm->ifi_type =3D 0; > > > > > + ifm->ifi_index =3D 0; > > > > > + ifm->ifi_flags =3D IFF_UP; > > > > > + ifm->ifi_change =3D 0xffffffff; > > > > > + snprintf(name, sizeof(name), "%s%u", MLX5_VXLAN_DEVICE_PFX, > > > > port); > > > > > + mnl_attr_put_strz(nlh, IFLA_IFNAME, name); > > > > > + na_info =3D mnl_attr_nest_start(nlh, IFLA_LINKINFO); > > > > > + assert(na_info); > > > > > + mnl_attr_put_strz(nlh, IFLA_INFO_KIND, "vxlan"); > > > > > + na_vxlan =3D mnl_attr_nest_start(nlh, IFLA_INFO_DATA); > > > > > + if (ifouter) > > > > > + mnl_attr_put_u32(nlh, IFLA_VXLAN_LINK, ifouter); > > > > > + assert(na_vxlan); > > > > > + mnl_attr_put_u8(nlh, IFLA_VXLAN_COLLECT_METADATA, 1); > > > > > + mnl_attr_put_u8(nlh, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, 1); > > > > > + mnl_attr_put_u8(nlh, IFLA_VXLAN_LEARNING, 0); > > > > > + mnl_attr_put_u16(nlh, IFLA_VXLAN_PORT, vxlan_port); > > > > > + mnl_attr_nest_end(nlh, na_vxlan); > > > > > + mnl_attr_nest_end(nlh, na_info); > > > > > + assert(sizeof(buf) >=3D nlh->nlmsg_len); > > > > > + ret =3D flow_tcf_nl_ack(tcf, nlh, 0, NULL, NULL); > > > > > + if (ret) > > > > > + DRV_LOG(WARNING, > > > > > + "netlink: VTEP %s create failure (%d)", > > > > > + name, rte_errno); > > > > > + else > > > > > + vtep->created =3D 1; > > > > > > > > Flow of code here isn't smooth, thus could be error-prone. Most of > > > > all, I don't like ret has multiple meanings. ret should be return > > > > value but you are using it to store ifindex. > > > > > > > > > + if (ret && ifouter) > > > > > + ret =3D 0; > > > > > + else > > > > > + ret =3D if_nametoindex(name); > > > > > > > > If vtep isn't created and ifouter is set, then skip init below, > > > > which means, if > > > > > > ifouter is set for VXLAN encap devices. They should be attached to > > > ifouter and can not be shared. So, if ifouter I set - we do not use > > > the precreated/existing VXLAN devices. We have to create our own not > > shared device. > >=20 > > In your code (flow_tcf_encap_vtep_create()), it is shared by multiple f= lows. > > Do you mean it isn't shared between different outer ifaces? If so, that= 's for > > sure. > Sorry, I do not understand the question. > VXLAN encap device is attached to ifouter and shared by all flows with th= is > ifouter. No multiple VXLAN devices are attached to the same ifouter, only= one. > VXLAN decap device has no attached ifouter, so it can not share it. Yep, that's what I meant. > > > > vtep is created or ifouter is set, it tries to get ifindex of vtep. > > > > But why do you want to try to call this API even if it failed to cr= eate vtep? > > > > Let's not make code flow convoluted even though it logically works. > > > > Let's make it straightforward. > > > > > > > > > + if (ret) { > > > > > + vtep->ifindex =3D ret; > > > > > + vtep->ifouter =3D ifouter; > > > > > + memset(buf, 0, sizeof(buf)); > > > > > + nlh =3D mnl_nlmsg_put_header(buf); > > > > > + nlh->nlmsg_type =3D RTM_NEWLINK; > > > > > + nlh->nlmsg_flags =3D NLM_F_REQUEST; > > > > > + ifm =3D mnl_nlmsg_put_extra_header(nlh, sizeof(*ifm)); > > > > > + ifm->ifi_family =3D AF_UNSPEC; > > > > > + ifm->ifi_type =3D 0; > > > > > + ifm->ifi_index =3D vtep->ifindex; > > > > > + ifm->ifi_flags =3D IFF_UP; > > > > > + ifm->ifi_change =3D IFF_UP; > > > > > + ret =3D flow_tcf_nl_ack(tcf, nlh, 0, NULL, NULL); > > > > > + if (ret) { > > > > > + DRV_LOG(WARNING, > > > > > + "netlink: VTEP %s set link up failure (%d)", > > > > > + name, rte_errno); > > > > > + rte_free(vtep); > > > > > + rte_flow_error_set > > > > > + (error, -errno, > > > > > + RTE_FLOW_ERROR_TYPE_UNSPECIFIED, > > > > NULL, > > > > > + "netlink: failed to set VTEP link up"); > > > > > + vtep =3D NULL; > > > > > + } else { > > > > > + ret =3D mlx5_flow_tcf_init(tcf, vtep->ifindex, error); > > > > > + if (ret) > > > > > + DRV_LOG(WARNING, > > > > > + "VTEP %s init failure (%d)", name, rte_errno); > > > > > + } > > > > > + } else { > > > > > + DRV_LOG(WARNING, > > > > > + "VTEP %s failed to get index (%d)", name, errno); > > > > > + rte_flow_error_set > > > > > + (error, -errno, > > > > > + RTE_FLOW_ERROR_TYPE_UNSPECIFIED, NULL, > > > > > + !vtep->created ? "netlink: failed to create VTEP" : > > > > > + "netlink: failed to retrieve VTEP ifindex"); > > > > > + ret =3D 1; > > > > > > > > If it fails to create a vtep above, it will print out two warning > > > > messages and one rte_flow_error message. And it even selects messag= e > > > > to print between two? > > > > And there's another info msg at the end even in case of failure. Do > > > > you really want to do this even with manipulating ret to change cod= e > > > > path? Not a good practice. > > > > > > > > Usually, code path should be straightforward for sucessful path and > > > > for errors/failures, return immediately or use 'goto' if there's ne= ed for > > cleanup. > > > > > > > > Please refactor entire function. > > > > > > I think I'll split it in two ones - for attached and potentially shar= ed ifaces. > > > > > > > > > + } > > > > > + if (ret) { > > > > > + flow_tcf_delete_iface(tcf, vtep); > > > > > + vtep =3D NULL; > > > > > + } > > > > > + DRV_LOG(INFO, "VTEP create (%d, %s)", vtep->port, vtep ? "OK" : > > > > "error"); > > > > > + return vtep; > > > > > +} > > > > > +#endif /* HAVE_IFLA_VXLAN_COLLECT_METADATA */ > > > > > + > > > > > +/** > > > > > + * Create target interface index for VXLAN tunneling decapsulati= on. > > > > > + * In order to share the UDP port within the other interfaces th= e > > > > > + * VXLAN device created as not attached to any interface (if cre= ated). > > > > > + * > > > > > + * @param[in] tcf > > > > > + * Context object initialized by mlx5_flow_tcf_context_create(= ). > > > > > + * @param[in] dev_flow > > > > > + * Flow tcf object with tunnel structure pointer set. > > > > > + * @param[out] error > > > > > + * Perform verbose error reporting if not NULL. > > > > > + * @return > > > > > + * Interface index on success, zero otherwise and rte_errno is= set. > > > > > > > > Return negative errno in case of failure like others. > > > > > > Anyway, we have to return an index. If we do not return it as functio= n > > > result we will need to provide some extra pointing parameter, it > > complicates the code. > >=20 > > You misunderstood it. See what I wrote below. The function still return= s the > > index but in case of error, make it return negative errno instead of ze= ro. > >=20 > > > > > > > > * Interface index on success, a negative errno value otherwise a= nd > > > > rte_errno is set. > > > > > > > > > + */ > > > > > +static unsigned int > > > > > +flow_tcf_decap_vtep_create(struct mlx5_flow_tcf_context *tcf, > > > > > + struct mlx5_flow *dev_flow, > > > > > + struct rte_flow_error *error) { > > > > > + struct mlx5_flow_tcf_vtep *vtep, *vlst; > > > > > + uint16_t port =3D dev_flow->tcf.vxlan_decap->udp_port; > > > > > + > > > > > + vtep =3D NULL; > > > > > + LIST_FOREACH(vlst, &vtep_list_vxlan, next) { > > > > > + if (vlst->port =3D=3D port) { > > > > > + vtep =3D vlst; > > > > > + break; > > > > > + } > > > > > + } > > > > > > > > You just need one variable. > > > > > > Yes. There is a long story, I forgot to revert code to one variable a= fter > > debugging. > > > > > > > > struct mlx5_flow_tcf_vtep *vtep; > > > > > > > > LIST_FOREACH(vtep, &vtep_list_vxlan, next) { > > > > if (vtep->port =3D=3D port) > > > > break; > > > > } > > > > > > > > > + if (!vtep) { > > > > > + vtep =3D flow_tcf_create_iface(tcf, 0, port, error); > > > > > + if (vtep) > > > > > + LIST_INSERT_HEAD(&vtep_list_vxlan, vtep, next); > > > > > + } else { > > > > > + if (vtep->ifouter) { > > > > > + rte_flow_error_set(error, -errno, > > > > > + RTE_FLOW_ERROR_TYPE_UNSPECIFIED, > > > > NULL, > > > > > + "Failed to create decap VTEP, attached " > > > > > + "device with the same UDP port exists"); > > > > > + vtep =3D NULL; > > > > > > > > Making vtep null to skip the following code? > > > > > > Yes. To avoid multiple return operators in code. > >=20 > > It's okay to have multiple returns. Why not? >=20 > It is easy to miss the return in the midst of function while refactoring= /modifying the code. Your code path doesn't look easy and free from error. Please refer to other control path functions in this PMD. > > > > Please merge the two same > > > > if/else and make the code path strightforward. And which errno do > > > > you expect here? > > > > Should it be set EEXIST instead? > > > Not always. Netlink returns the code. > >=20 > > No, that's not my point. Your code above sets errno instead of rte_errn= o or > > EEXIST. > >=20 > > } else { > > if (vtep->ifouter) { > > rte_flow_error_set(error, -errno, > >=20 > > Which one sets this errno? Here, it sets rte_errno because matched vtep > libmnl sets, while processing the Netlink reply message (callback.c of li= bmnl sources). You still don't understand my point. In this flow_tcf_decap_vtep_create(), if vtep is found (vtep !=3D NULL), ho= w can errno be set? Before the if/else, there's no libmnl call. > > can't be used as it already has outer iface attached (error message isn= 't clear, > > please reword it too). I thought this should be EEXIST but you set errn= o to > > rte_errno but errno isn't valid at this point. > >=20 > > > > > > > > > > > > + } > > > > > + } > > > > > + if (vtep) { > > > > > + vtep->refcnt++; > > > > > + assert(vtep->ifindex); > > > > > + return vtep->ifindex; > > > > > + } else { > > > > > + return 0; > > > > > + } > > > > > > > > Why repeating same if/else? > > > > > > > > > > > > This is my suggestion but if you take my suggestion to have > > > > flow_tcf_[create|get|release]_iface(), this will get much simpler. > > > Agree. > > > > > > > > > > > { > > > > struct mlx5_flow_tcf_vtep *vtep; > > > > uint16_t port =3D dev_flow->tcf.vxlan_decap->udp_port; > > > > > > > > LIST_FOREACH(vtep, &vtep_list_vxlan, next) { > > > > if (vtep->port =3D=3D port) > > > > break; > > > > } > > > > if (vtep && vtep->ifouter) > > > > return rte_flow_error_set(... EEXIST ...); > > > > else if (vtep) { > > > > ++vtep->refcnt; > > > > } else { > > > > vtep =3D flow_tcf_create_iface(tcf, 0, port, error); > > > > if (!vtep) > > > > return rte_flow_error_set(...); > > > > LIST_INSERT_HEAD(&vtep_list_vxlan, vtep, next); > > > > } > > > > assert(vtep->ifindex); > > > > return vtep->ifindex; > > > > } > > > > > > > > > > > > > +} > > > > > + > > > > > +/** > > > > > + * Creates target interface index for VXLAN tunneling encapsulat= ion. > > > > > + * > > > > > + * @param[in] tcf > > > > > + * Context object initialized by mlx5_flow_tcf_context_create(= ). > > > > > + * @param[in] ifouter > > > > > + * Network interface index to attach VXLAN encap device to. > > > > > + * @param[in] dev_flow > > > > > + * Flow tcf object with tunnel structure pointer set. > > > > > + * @param[out] error > > > > > + * Perform verbose error reporting if not NULL. > > > > > + * @return > > > > > + * Interface index on success, zero otherwise and rte_errno is= set. > > > > > + */ > > > > > +static unsigned int > > > > > +flow_tcf_encap_vtep_create(struct mlx5_flow_tcf_context *tcf, > > > > > + unsigned int ifouter, > > > > > + struct mlx5_flow *dev_flow __rte_unused, > > > > > + struct rte_flow_error *error) { > > > > > + static uint16_t encap_port =3D MLX5_VXLAN_PORT_RANGE_MIN - 1; > > > > > + struct mlx5_flow_tcf_vtep *vtep, *vlst; > > > > > + > > > > > + assert(ifouter); > > > > > + /* Look whether the attached VTEP for encap is created. */ > > > > > + vtep =3D NULL; > > > > > + LIST_FOREACH(vlst, &vtep_list_vxlan, next) { > > > > > + if (vlst->ifouter =3D=3D ifouter) { > > > > > + vtep =3D vlst; > > > > > + break; > > > > > + } > > > > > + } > > > > > > > > Same here. > > > > > > > > > + if (!vtep) { > > > > > + uint16_t pcnt; > > > > > + > > > > > + /* Not found, we should create the new attached VTEP. */ > > > > > +/* > > > > > + * TODO: not implemented yet > > > > > + * flow_tcf_encap_iface_cleanup(tcf, ifouter); > > > > > + * flow_tcf_encap_local_cleanup(tcf, ifouter); > > > > > + * flow_tcf_encap_neigh_cleanup(tcf, ifouter); */ > > > > > > > > Personal note is not appropriate even though it is removed in the > > > > following patch. > > > > > > > > > + for (pcnt =3D 0; pcnt <=3D (MLX5_VXLAN_PORT_RANGE_MAX > > > > > + - MLX5_VXLAN_PORT_RANGE_MIN); > > > > pcnt++) { > > > > > + encap_port++; > > > > > + /* Wraparound the UDP port index. */ > > > > > + if (encap_port < MLX5_VXLAN_PORT_RANGE_MIN > > > > || > > > > > + encap_port > MLX5_VXLAN_PORT_RANGE_MAX) > > > > > + encap_port =3D > > > > MLX5_VXLAN_PORT_RANGE_MIN; > > > > > + /* Check whether UDP port is in already in use. */ > > > > > + vtep =3D NULL; > > > > > + LIST_FOREACH(vlst, &vtep_list_vxlan, next) { > > > > > + if (vlst->port =3D=3D encap_port) { > > > > > + vtep =3D vlst; > > > > > + break; > > > > > + } > > > > > + } > > > > > > > > If you want to find out an empty port number, you can use rte_bitma= p > > > > instead of repeating searching the entire list for all possible por= t > > numbers. > > > > > > We do not expect too many VXLAN devices have been created. bitmap. > >=20 > > +1, valid point. > >=20 > > > > > + if (vtep) { > > > > > + vtep =3D NULL; > > > > > + continue; > > > > > + } > > > > > + vtep =3D flow_tcf_create_iface(tcf, ifouter, > > > > > + encap_port, error); > > > > > + if (vtep) { > > > > > + LIST_INSERT_HEAD(&vtep_list_vxlan, vtep, > > > > next); > > > > > + break; > > > > > + } > > > > > + if (rte_errno !=3D EEXIST) > > > > > + break; > > > > > + } > > > > > + } > > > > > + if (!vtep) > > > > > + return 0; > > > > > + vtep->refcnt++; > > > > > + assert(vtep->ifindex); > > > > > + return vtep->ifindex; > > > > > > > > Please refactor this func according to what I suggested for > > > > flow_tcf_decap_vtep_create() and flow_tcf_delete_iface(). > > > > > > > > > +} > > > > > + > > > > > +/** > > > > > + * Creates target interface index for tunneling of any type. > > > > > + * > > > > > + * @param[in] tcf > > > > > + * Context object initialized by mlx5_flow_tcf_context_create(= ). > > > > > + * @param[in] ifouter > > > > > + * Network interface index to attach VXLAN encap device to. > > > > > + * @param[in] dev_flow > > > > > + * Flow tcf object with tunnel structure pointer set. > > > > > + * @param[out] error > > > > > + * Perform verbose error reporting if not NULL. > > > > > + * @return > > > > > + * Interface index on success, zero otherwise and rte_errno is= set. > > > > > > > > * Interface index on success, a negative errno value otherwise a= nd > > > > * rte_errno is set. > > > > > > > > > + */ > > > > > +static unsigned int > > > > > +flow_tcf_tunnel_vtep_create(struct mlx5_flow_tcf_context *tcf, > > > > > + unsigned int ifouter, > > > > > + struct mlx5_flow *dev_flow, > > > > > + struct rte_flow_error *error) { > > > > > + unsigned int ret; > > > > > + > > > > > + assert(dev_flow->tcf.tunnel); > > > > > + pthread_mutex_lock(&vtep_list_mutex); > > > > > + switch (dev_flow->tcf.tunnel->type) { > > > > > + case MLX5_FLOW_TCF_TUNACT_VXLAN_ENCAP: > > > > > + ret =3D flow_tcf_encap_vtep_create(tcf, ifouter, > > > > > + dev_flow, error); > > > > > + break; > > > > > + case MLX5_FLOW_TCF_TUNACT_VXLAN_DECAP: > > > > > + ret =3D flow_tcf_decap_vtep_create(tcf, dev_flow, error); > > > > > + break; > > > > > + default: > > > > > + rte_flow_error_set(error, ENOTSUP, > > > > > + RTE_FLOW_ERROR_TYPE_UNSPECIFIED, > > > > NULL, > > > > > + "unsupported tunnel type"); > > > > > + ret =3D 0; > > > > > + break; > > > > > + } > > > > > + pthread_mutex_unlock(&vtep_list_mutex); > > > > > + return ret; > > > > > +} > > > > > + > > > > > +/** > > > > > + * Deletes tunneling interface by UDP port. > > > > > + * > > > > > + * @param[in] tcf > > > > > + * Context object initialized by mlx5_flow_tcf_context_create(= ). > > > > > + * @param[in] ifindex > > > > > + * Network interface index of VXLAN device. > > > > > + * @param[in] dev_flow > > > > > + * Flow tcf object with tunnel structure pointer set. > > > > > + */ > > > > > +static void > > > > > +flow_tcf_tunnel_vtep_delete(struct mlx5_flow_tcf_context *tcf, > > > > > + unsigned int ifindex, > > > > > + struct mlx5_flow *dev_flow) { > > > > > + struct mlx5_flow_tcf_vtep *vtep, *vlst; > > > > > + > > > > > + assert(dev_flow->tcf.tunnel); > > > > > + pthread_mutex_lock(&vtep_list_mutex); > > > > > + vtep =3D NULL; > > > > > + LIST_FOREACH(vlst, &vtep_list_vxlan, next) { > > > > > + if (vlst->ifindex =3D=3D ifindex) { > > > > > + vtep =3D vlst; > > > > > + break; > > > > > + } > > > > > + } > > > > > > > > It is weird. You just can have vtep pointer in the > > > > dev_flow->tcf.tunnel instead of ifindex_tun which is same as > > > > vtep->ifindex like the assertion below. Then, this lookup can be sk= ipped. > > > > > > OK. Good optimization. > > > > > > > > > > > > + if (!vtep) { > > > > > + DRV_LOG(WARNING, "No VTEP device found in the list"); > > > > > + goto exit; > > > > > + } > > > > > + switch (dev_flow->tcf.tunnel->type) { > > > > > + case MLX5_FLOW_TCF_TUNACT_VXLAN_DECAP: > > > > > + break; > > > > > + case MLX5_FLOW_TCF_TUNACT_VXLAN_ENCAP: > > > > > +/* > > > > > + * TODO: Remove the encap ancillary rules first. > > > > > + * flow_tcf_encap_neigh(tcf, vtep, dev_flow, false, NULL); > > > > > + * flow_tcf_encap_local(tcf, vtep, dev_flow, false, NULL); */ > > > > > > > > Is it a personal note? Please remove. > > > OK. > > > > > > > > > > > > + break; > > > > > + default: > > > > > + assert(false); > > > > > + DRV_LOG(WARNING, "Unsupported tunnel type"); > > > > > + break; > > > > > + } > > > > > + assert(dev_flow->tcf.tunnel->ifindex_tun =3D=3D vtep->ifindex); > > > > > + assert(vtep->refcnt); > > > > > + if (!vtep->refcnt || !--vtep->refcnt) { > > > > > + LIST_REMOVE(vtep, next); > > > > > + flow_tcf_delete_iface(tcf, vtep); > > > > > + } > > > > > +exit: > > > > > + pthread_mutex_unlock(&vtep_list_mutex); > > > > > +} > > > > > + > > > > > /** > > > > > * Apply flow to E-Switch by sending Netlink message. > > > > > * > > > > > @@ -3461,18 +3887,61 @@ struct pedit_parser { > > > > > struct rte_flow_error *error) { > > > > > struct priv *priv =3D dev->data->dev_private; > > > > > - struct mlx5_flow_tcf_context *nl =3D priv->tcf_context; > > > > > + struct mlx5_flow_tcf_context *tcf =3D priv->tcf_context; > > > > > struct mlx5_flow *dev_flow; > > > > > struct nlmsghdr *nlh; > > > > > + int ret; > > > > > > > > > > dev_flow =3D LIST_FIRST(&flow->dev_flows); > > > > > /* E-Switch flow can't be expanded. */ > > > > > assert(!LIST_NEXT(dev_flow, next)); > > > > > + if (dev_flow->tcf.applied) > > > > > + return 0; > > > > > nlh =3D dev_flow->tcf.nlh; > > > > > nlh->nlmsg_type =3D RTM_NEWTFILTER; > > > > > nlh->nlmsg_flags =3D NLM_F_REQUEST | NLM_F_CREATE | > > > > NLM_F_EXCL; > > > > > - if (!flow_tcf_nl_ack(nl, nlh, 0, NULL, NULL)) > > > > > + if (dev_flow->tcf.tunnel) { > > > > > + /* > > > > > + * Replace the interface index, target for > > > > > + * encapsulation, source for decapsulation. > > > > > + */ > > > > > + assert(!dev_flow->tcf.tunnel->ifindex_tun); > > > > > + assert(dev_flow->tcf.tunnel->ifindex_ptr); > > > > > + /* Create actual VTEP device when rule is being applied. */ > > > > > + dev_flow->tcf.tunnel->ifindex_tun > > > > > + =3D flow_tcf_tunnel_vtep_create(tcf, > > > > > + *dev_flow->tcf.tunnel->ifindex_ptr, > > > > > + dev_flow, error); > > > > > + DRV_LOG(INFO, "Replace ifindex: %d->%d", > > > > > + dev_flow->tcf.tunnel->ifindex_tun, > > > > > + *dev_flow->tcf.tunnel->ifindex_ptr); > > > > > + if (!dev_flow->tcf.tunnel->ifindex_tun) > > > > > + return -rte_errno; > > > > > + dev_flow->tcf.tunnel->ifindex_org > > > > > + =3D *dev_flow->tcf.tunnel->ifindex_ptr; > > > > > + *dev_flow->tcf.tunnel->ifindex_ptr > > > > > + =3D dev_flow->tcf.tunnel->ifindex_tun; > > > > > + } > > > > > + ret =3D flow_tcf_nl_ack(tcf, nlh, 0, NULL, NULL); > > > > > + if (dev_flow->tcf.tunnel) { > > > > > + DRV_LOG(INFO, "Restore ifindex: %d->%d", > > > > > + dev_flow->tcf.tunnel->ifindex_org, > > > > > + *dev_flow->tcf.tunnel->ifindex_ptr); > > > > > + *dev_flow->tcf.tunnel->ifindex_ptr > > > > > + =3D dev_flow->tcf.tunnel->ifindex_org; > > > > > + dev_flow->tcf.tunnel->ifindex_org =3D 0; > > > > > > > > ifindex_org looks a temporary storage in this code. And this kind o= f > > > > hassle > > > > (replace/restore) is there because you took the ifindex from the > > > > netlink message. Why don't you have just > > > > > > > > struct mlx5_flow_tcf_tunnel_hdr { > > > > uint32_t type; /**< Tunnel action type. */ > > > > unsigned int ifindex; /**< Original dst/src interface */ > > > > struct mlx5_flow_tcf_vtep *vtep; /**< Tunnel endpoint device. */ > > > > unsigned int *nlmsg_ifindex_ptr; /**< ifindex ptr in Netlink messa= ge. > > > > */ }; > > > > > > > > and don't change ifindex? > > > > > > I propose to use the local variable for ifindex_org and do not keep i= t > > > in structure. *ifindex_ptr will keep. > >=20 > > Well, you still have to restore the ifindex whenever sending the nl msg= . Most > > of all, ifindex_ptr in nl msg isn't a right place to store the ifindex.= =20 > It is stored there for rules w/o tunnels. It is its "native" place, Id pr= efer > not to create some new location to store the original index and save some= space. > We have to swap indices only if rule has requested the tunneling. We can= not No no. At this point, flow is already created to be tunneled one. What do y= ou mean by 'rules w/o tunnels' or 'only if rule has requested the tunneling'??= It has already been created as a vxlan tunnel rule. It won't be changed. The n= lmsg is supposed to have vtep ifindex but translation didn't know it and stored = the outer iface temporarily to get it replaced by vtep ifindex. It never be a 'native'/'original' place to store it. In which case the nl msg can be sent= with the 'original' ifindex? Any specific example? No. > set tunnel index permanently, because rule can be applied/removed/reappli= ed > and other new VXLAN device with new index can be recreated. Every time it is applied, it will get the vtep and overwrite vtep ifindex i= n the nl msg. > > have vtep ifindex but it just temporarily keeps the device ifindex unti= l vtep is > > created/found. Thanks, Yongseok