Patent Grant
11792307
A portion of the disclosure of this patent document contains material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all copyright rights whatsoever.
The disclosure relates generally to the field of electronic devices, as well as networks thereof. More particularly, the disclosure is directed to methods and apparatus for implementing computerized networking stack infrastructures. Various aspects of the present disclosure are directed to, in one exemplary aspect, data transfer within user space networking stack infrastructures.
The consumer electronics industry has seen explosive growth in network connectivity; for example, Internet connectivity is now virtually ubiquitous across many different device types for a variety of different applications and functionalities. The successful implementation of network connectivity over a myriad of different usage cases has been enabled by, inter alia, the principles of modular design and abstraction. Specifically, the traditional network communication paradigm incorporates multiple (generally) modular software “layers” into a “communication stack.” Each layer of the communication stack separately manages its own implementation specific considerations, and provides an “abstracted” communication interface to the next layer. In this manner, different applications can communicate freely across different devices without considering the underlying network transport.
The traditional network communication paradigm has been relatively stable for over 30 years. The Assignee hereof has developed its own implementation of a computer networking stack (based on the traditional networking paradigm) that is mature, robust, and feature-rich (yet conservative). This networking stack is the foundation for virtually all networking capabilities, including those used across the Assignee's products (e.g., MacBook®, iMac®, iPad®, and iPhone®, etc.) and has been designed to handle a variety of protocols (such as TCP (Transmission Control Protocol), UDP (User Datagram Protocol) and IP (Internet Protocol)), and proprietary extensions and functionalities.
While the traditional network communication paradigm has many benefits, changes in the commercial landscape have stretched the capabilities of the existing implementations. Over the past years new use cases have emerged that require capabilities beyond those of the traditional networking stack design. For example, some use cases require control and data movement operations to be performed in so-called “user space” (software that is executed outside the kernel, and specific to a user process). Common examples of such applications include without limitation e.g. Virtual Private Networks (VPN), application proxy, content and traffic filtering, and any number of other network-aware user applications.
Furthermore, certain types of user applications (e.g., media playback, real-time or interactive network applications) would benefit from workload-specific customizations and performance optimizations of the networking stack.
Unfortunately, the current one-size-fits-all networking stack was not designed for (and is thus ill-suited to) the requirements of the aforementioned use cases (and others contemplated herein). More directly, supporting user space applications and associated components from within the traditional in-kernel networking stack architecture adds complexity, increases technical debts (the implied cost of rework attributed to deploying a faster, but suboptimal, implementation), brings in higher processing costs, and results in suboptimal performance and higher power consumption.
To these ends, a networking stack architecture and technology that caters to emerging non-kernel use cases is needed. Ideally, but not as a requisite, such solutions should preserve backwards compatibility with the traditional in-kernel networking stack. More generally, improved methods and apparatus for manipulating and/or controlling lower layer networking communication protocols by higher layer software applications is desired.
The present disclosure satisfies the foregoing needs by providing, inter alia, methods and apparatus for data transfer within user space networking stack infrastructures.
In one aspect, a method for single entity buffer pool management for use with user space communication stacks is disclosed. In one embodiment, the method includes establishing a pool of memory resources for a user space communications stack; servicing the user space communications stack based on the established pool of memory resources; determining that more or less memory resources are required for the pool of memory resources; and adding or removing resources within the pool of memory resources in response to the determining.
In one variant, the determining that the more or less memory resources are required for the pool of memory resources includes determining a number of applications that require access to the pool of memory resources.
In another variant, the adding or the removing of resources includes the adding of resources in response to the determining of the number of applications that require the access to the pool of memory resources has increased.
In yet another variant, the determining that the more or less memory resources are required for the pool of memory resources includes determining an instantiation of an additional application.
In yet another variant, the determining that the more or less memory resources are required for the pool of memory resources includes determining a change in operational context for an instantiated application.
In yet another variant, the determining of the change in the operational context for the instantiated application includes determining a more data intensive operation for the instantiated application.
In another aspect, a system for managing a plurality of pools of resources is disclosed. In one embodiment, the system includes: one or more applications, the one or more applications implementing a respective communications stack within user space; one or more channels with each of the one or more channels being associated with a respective one of the one or more applications, the one or more channels operating as an interface between the user space and a kernel space for the system; one or more pools of dedicated resources, each of the one or more pools of dedicated resources being associated with a respective application of the one or more applications; and one or more managed pools of resources, the one or more managed pools of resources being in operative communication with the one or more pools of dedicated resources via a flow switch apparatus.
In one variant, the system further includes one or more drivers, the one or more drivers being configured to establish resources associated with the one or more managed pools of resources.
In another variant, the flow switch apparatus is responsible for transfer of data between the one or more managed pools of resources and the one or more pools of dedicated resources.
In yet another variant, one of the one or more drivers is further configured to establish one of a read only privilege or a write only privilege for a portion of its respective managed pool of resources.
In yet another variant, the one or more managed pools of resources is composed of a region, the region being composed of a plurality of segments with each of the plurality of segments being composed of a plurality of objects.
In yet another variant, each of the plurality of objects is further composed of metadata and a plurality of buflets, each of the plurality of buflets may be composed of a pointer to a respective backing buffer memory.
In yet another variant, each buflet of the plurality of buflets, is allocated by a single entity.
In yet another variant, the single entity is selected from the group consisting of: (1) a driver; and (2) the one or more applications comprising the respective communications stack within the user space.
In yet another aspect, a computerized device for implementing one or more of the foregoing aspects is disclosed and described. In one embodiment, the device comprises a personal or laptop computer. In another embodiment, the device comprises a mobile device (e.g., tablet or smartphone).
In another aspect, an integrated circuit (IC) device for implementing one or more of the foregoing aspects is disclosed and described. In one embodiment, the IC device is embodied as a SoC (system on Chip) device. In another embodiment, an ASIC (application specific IC) is used as the basis of the device. In yet another embodiment, a chip set (i.e., multiple ICs used in coordinated fashion) is disclosed.
In another aspect, a computer readable storage apparatus implementing one or more of the foregoing aspects is disclosed and described. In one embodiment, the computer readable storage apparatus includes a storage medium having a computer program stored thereon, the computer program, which when executed is configured to: establish a pool of memory resources for a user space communications stack; service the user space communications stack based on the established pool of memory resources; determine that more or less memory resources are required for the pool of memory resources; and add or remove resources within the pool of memory resources in response to the determination.
In one variant, the determination that the more or less memory resources are required for the pool of memory resources includes a determination of a number of applications that require access to the pool of memory resources.
In another variant, the addition or the removal of resources includes the addition of resources in response to the determination that the number of applications that require the access to the pool of memory resources has increased.
In yet another variant, the determination that the more or less memory resources are required for the pool of memory resources includes a determination of an instantiation of an additional application.
In yet another variant, the determination that the more or less memory resources are required for the pool of memory resources includes a determination of a change in operational context for an instantiated application.
In yet another variant, the determination of the change in the operational context for the instantiated application includes a determination of a more data intensive operation for the instantiated application.
In yet another aspect, a software architecture for implementing one or more of the foregoing aspects is disclosed and described.
Other features and advantages of the present disclosure will immediately be recognized by persons of ordinary skill in the art with reference to the attached drawings and detailed description of exemplary embodiments as given below.
All figures © Copyright 2017-2018 Apple Inc. All rights reserved.
Reference is now made to the drawings, wherein like numerals refer to like parts throughout.
Detailed Description of Exemplary Embodiments
Exemplary embodiments of the present disclosure are now described in detail. While embodiments are primarily envisioned in the context of use in conjunction with an inter-processor communication link such as that described in, for example, commonly owned U.S. patent application Ser. No. 14/879,024 filed Oct. 8, 2015 and entitled “METHODS AND APPARATUS FOR RUNNING AND BOOTING AN INTER-PROCESSOR COMMUNICATION LINK BETWEEN INDEPENDENTLY OPERABLE PROCESSORS”, now U.S. Pat. No. 10,078,361, and co-owned and co-pending U.S. patent application Ser. No. 16/112,480 filed Aug. 24, 2018 and entitled “Methods and Apparatus for Control of a Jointly Shared Memory-Mapped Region”, each of which being incorporated herein by reference in its entirety, it will be recognized by those of ordinary skill that the present disclosure is not so limited. In fact, the various aspects of the disclosure are useful in a variety of device or network architectures.
Existing Network Socket Technologies—
As shown in
As a brief aside, user space is a portion of system memory that a processor executes user processes from. User space is relatively freely and dynamically allocated for application software and a few device drivers. The kernel space is a portion of memory that a processor executes the kernel from. Kernel space is strictly reserved (usually during the processor boot sequence) for running privileged operating system (O/S) processes, extensions, and most device drivers. For example, each user space process normally runs in a specific memory space (its own “sandbox”), and cannot access the memory of other processes unless explicitly allowed. In contrast, the kernel is the core of a computer's operating system; the kernel can exert complete control over all other processes in the system.
The term “operating system” may refer to software that controls and manages access to hardware. An O/S commonly supports processing functions such as e.g., task scheduling, application execution, input and output management, memory management, security, and peripheral access. As used herein, the term “application” refers to software that can interact with the hardware only via procedures and interfaces offered by the O/S.
The term “privilege” may refer to any access restriction or permission which restricts or permits processor execution. System privileges are commonly used within the computing arts to, inter alia, mitigate the potential damage of a computer security vulnerability. For instance, a properly privileged computer system will prevent malicious software applications from affecting data and task execution associated with other applications and the kernel.
As used herein, the term “in-kernel” and/or “kernel space” may refer to data and/or processes that are stored in, and/or have privilege to access to, the kernel space memory allocations. In contrast, the terms “non-kernel” and/or “user space” refers to data and/or processes that are not privileged to access the kernel space memory allocations. In particular, user space represents the address space specific to the user process, whereas non-kernel space represents address space which is not in-kernel, but which may or may not be specific to user processes.
As previously noted, the illustrated socket 102 provides access to Transmission Control Protocol (TCP) 104, User Datagram Protocol (UDP) 106, and Inter-Process Communication (IPC) 108. TCP, UDP, and IPC are various suites of transmission protocols each offering different capabilities and/or functionalities. For example, UDP is a minimal message-oriented encapsulation protocol that provides no guarantees to the upper layer protocol for message delivery and the UDP layer retains no state of UDP messages once sent. UDP is commonly used for real-time, interactive applications (e.g., video chat, voice over IP (VoIP)) where loss of packets is acceptable. In contrast, TCP provides reliable, ordered, and error-checked delivery of data via a retransmission and acknowledgement scheme; TCP is generally used for file transfers where packet loss is unacceptable, and transmission latency is flexible.
As used herein, the term “encapsulation protocol” may refer to modular communication protocols in which logically separate functions in the network are abstracted from their underlying structures by inclusion or information hiding within higher level objects. For example, in one exemplary embodiment, UDP provides extra information (ports numbering).
As used herein, the term “transport protocol” may refer to communication protocols that transport data between logical endpoints. A transport protocol may include encapsulation protocol functionality.
Both TCP and UDP are commonly layered over an Internet Protocol (IP) 110 for transmission. IP is a connectionless protocol for use on packet-switched networks that provides a “best effort delivery”. Best effort delivery does not guarantee delivery, nor does it assure proper sequencing or avoidance of duplicate delivery. Generally these aspects are addressed by TCP or another transport protocol based on UDP.
As a brief aside, consider a web browser that opens a webpage; the web browser application would generally open a number of network sockets to download and/or interact with the various digital assets of the webpage (e.g., for a relatively common place webpage, this could entail instantiating ˜300 sockets). The web browser can write (or read) data to the socket; thereafter, the socket object executes system calls within kernel space to copy (or fetch) data to data structures in the kernel space.
As used herein, the term “domain” may refer to a self-contained memory allocation e.g., user space, kernel space. A “domain crossing” may refer to a transaction, event, or process that “crosses” from one domain to another domain. For example, writing to a network socket from the user space to the kernel space constitutes a domain crossing access.
In the context of a Berkeley Software Distribution (BSD) based networking implementation, data that is transacted within the kernel space is stored in memory buffers that are also commonly referred to as “mbufs”. Each mbuf is a fixed size memory buffer that is used generically for transfers (mbufs are used regardless of the calling process e.g., TCP, UDP, etc.). Arbitrarily sized data can be split into multiple mbufs and retrieved one at a time or (depending on system support) retrieved using “scatter-gather” direct memory access (DMA) (“scatter-gather” refers to the process of gathering data from, or scattering data into, a given set of buffers). Each mbuf transfer is parameterized by a single identified mbuf.
Notably, each socket transfer can create multiple mbuf transfers, where each mbuf transfer copies (or fetches) data from a single mbuf at a time. As a further complication, because the socket spans both: (i) user space (limited privileges) and (ii) kernel space (privileged without limitation), the socket transfer verifies that each mbuf copy into/out of kernel space is valid. More directly, the verification process ensures that the data access is not malicious, corrupted, and/or malformed (i.e., that the transfer is appropriately sized and is to/from an appropriate area).
The processing overhead associated with domain crossing is a non-trivial processing cost. Processing cost affects user experience both directly and indirectly. A processor has a fixed amount of processing cycles every second; thus cycles that are used for transfer verification detract from more user perceptible tasks (e.g., rendering a video or audio stream). Additionally, processor activity consumes power; thus, increases in processing overhead increases power consumption.
Referring back to
Kernel extensions and public APIs enable, for example, 3rd party software developers to develop a wide variety of applications that can interact with a computer system at even the lowest layers of abstraction. For example, kernel extensions can enable socket level filtering, IP level filtering, and even device interface filtering. In the current consumer applications space, many emerging technologies now rely on closely coupled interfaces to the hardware and kernel functionality. For example, many security applications “sniff” network traffic to detect malicious traffic or filter undesirable content; this requires access to other application sandboxes (a level of privilege that is normally reserved for the kernel).
Unfortunately, 3rd party kernel extensions can be dangerous and/or undesirable. As previously noted, software applications are restricted for security and stability reasons; however the kernel is largely unrestricted. A 3rd party kernel extension can introduce instability issues because the 3rd party kernel extensions run in the same address space as the kernel itself (which is outside the purview of traditional memory read/write protections based on memory allocations). Illegal memory accesses can result in segmentation faults and memory corruptions. Furthermore, unsecure kernel extension can create security vulnerabilities that can be exploited by malware. Additionally, even where correctly used, a kernel extension can expose a user's data to the 3rd party software developer. This heightened level of access may raise privacy concerns (e.g., the 3rd party developer may have access to browsing habits, etc.).
Existing Performance Optimization Technologies—
The DLIL 206 provides a common interface layer to each of the various physical device drivers which will handle the subsequent data transfer (e.g., Ethernet, Wi-Fi, cellular, etc.). The DLIL performs a number of system-wide holistic network traffic management functions. In one such implementation, the DLIL is responsible for BSD Virtual Interfaces, IOKit Interfaces (e.g., DLIL is the entity by which IOKit based network drivers are connected to the networking stack), Active Queue Management (AQM), flow control and advisory action, etc. In most cases, the device driver 208 may be handled by an external device (e.g., a baseband co-processor), thus the DLIL 206 is usually (but not always) the lowest layer of the network communication stack.
During normal operation, the computer system will logically segment its tasks to optimize overall system operation. In particular, a processor will execute a task, and then “context switch” to another task, thereby ensuring that any single process thread does not monopolize processor resources from start to finish. More directly, a context switch is the process of storing the state of a process, or of a thread, so that it can be restored and execution resumed from the same point later. This allows multiple processes to share a single processor. However, excessive amounts of context switching can slow processor performance down. Notably, while the present discussion is primarily discussed within the context of a single processor for ease of understanding, multi-processor systems have analogous concepts (e.g., multiple processors also perform context switching, although contexts may not necessarily be resumed by the same processor).
For example, consider the following example of a packet reception. Packets arrive at the device driver 208A. The hardware managed by the device driver 208A may notify the processor via e.g., a doorbell signal (e.g., an interrupt). The device driver 208A work loop thread handles the hardware interrupt/doorbell, then signals the DLIL thread (Loop 1 210). The processor services the device driver 208A with high priority, thereby ensuring that the device driver 208A operation is not bottlenecked (e.g., that the data does not overflow the device driver's memory and/or that the device driver does not stall). Once the data has been moved out of the device driver, the processor can context switch to other tasks.
At a later point, the processor can pick up the DLIL 206 execution process again. The processor determines which socket the packets should be routed to (e.g., socket 204A) and routes the packet data appropriately (Loop 2 212). During this loop, the DLIL thread takes each packet, and moves each one sequentially into the socket memory space. Again, the processor can context switch to other tasks so as to ensure that the DLIL task does not block other concurrently executed processing.
Subsequently thereafter, when the socket has the complete packet data transfer the processor can wake the user space application and deliver the packet into user space memory (Loop 3 214). Generally, user space applications are treated at lower priority than kernel tasks; this can be reflected by larger time intervals between suspension and resumption. While the foregoing discussion is presented in the context of packet reception, artisans of ordinary skill in the related arts will readily appreciate, given the contents of the present disclosure, that the process is substantially reversed for packet transmission.
As demonstrated in the foregoing example, context switching ensures that tasks of different processing priority are allocated commensurate amounts of processing time. For example, a processor can spend significantly more time executing tasks of relatively high priority, and service lower priority tasks on an as-needed basis. As a brief aside, human perception is much more forgiving than hardware operation. Consequently, kernel tasks are generally performed at a much higher priority than user space applications. The difference in priority between kernel and user space allows the kernel to handle immediate system management (e.g., hardware interrupts, and queue overflow) in a timely manner, with minimal noticeable impact to the user experience.
Moreover,
Unfortunately, changing tastes in consumer expectations cannot be effectively addressed with the one-size-fits-all model and the conservative in-kernel traditional networking stack. Artisans of ordinary skill in the related arts will readily appreciate, given the contents of the present disclosure, that different device platforms have different capabilities; for example, a desktop processor has significantly more processing and memory capability than a mobile phone processor. More directly, the “one-size-fits-all” solution does not account for the underlying platform capabilities and/or application requirements, and thus is not optimized for performance. Fine-tuning the traditional networking stack for performance based on various “tailored” special cases results in an inordinate amount of software complexity which is untenable to support across the entire ecosystem of devices.
Emerging Use Cases—
As shown, an application executing from user space can open a Hypertext Transfer Protocol (HTTP) session 302 with a TLS security layer 304 in order to securely transfer data (Application Transport Security (ATS) services) over a network socket 306 that offers TCP/IP transport 308, 310.
As a brief aside, TLS is a record based protocol; in other words, TLS uses data records which are arbitrarily sized (e.g., up to 16 kilobytes). In contrast, TCP is a byte stream protocol (i.e., a byte has a fixed length of eight (8) bits). Consequently, the TCP layer subdivides TLS records into a sequentially ordered set of bytes for delivery. The receiver of the TCP byte stream reconstructs TLS records from the TCP byte stream by receiving each TCP packet, re-ordering the packets according to sequential numbering to recreate the byte stream, and extracting the TLS record from the aggregated byte stream. Notably, every TCP packet of the sequence must be present before the TLS record can be reconstructed. Even though TCP can provide reliable delivery under lossy network conditions, there are a number of situations where TLS record delivery could fail. For example, under ideal conditions TCP isolates packet loss from its client (TLS in this example), and a single TCP packet loss should not result in failed TLS record delivery. However, the TLS layer or the application above may incorporate a timeout strategy in a manner that is unaware of the underlying TCP conditions. Thus, if there's significant packet loss in the network, the TLS timeout may be hit (and thus result in a failure to the application) even though TCP would normally provide reliable delivery.
Referring back to
Ideally, the TLS layer should set TLS record sizes based on network condition information. In particular, large TLS records can efficiently use network bandwidth, but require many successful TCP packet deliveries. In contrast, small TLS records incur significantly more network overhead, but can survive poor bandwidth conditions. Unfortunately, networking condition information is lower layer information that is available to the kernel space (e.g., the DLIL and device drivers), but generally restricted from user space applications. Some 3rd party application developers and device manufacturers have incorporated kernel extensions (or similar operating system capabilities) to provide network condition information to the TLS user space applications; however, kernel extensions are undesirable due to the aforementioned security and privacy concerns. Alternately, some 3rd party applications infer the presence of lossy network conditions based on historic TLS record loss. Such inferences are an indirect measure and significantly less accurate and lag behind real-time information (i.e., previous packet loss often does not predict future packet loss).
As shown, an application executing from user space can open a Virtual Private Network (VPN) session 402 over a network socket 406 that offers TCP/IP transport 408, 410. The VPN session is secured with Encapsulating Security Protocol (ESP) 412. The encrypted packet is securely tunneled via TLS 404 (in user space) and recursively sent again over TCP/IP transport 408, 410.
As illustrated within
Artisans of ordinary skill in the related arts, given the contents of the present disclosure, will readily appreciate that the exemplary recursive cross layer transaction of
As shown, three (3) different concurrently executed applications (e.g., a real time application 502, interactive application 504, and file transfer applications 506) in user space, each open a session over network sockets 508 (508A, 508B, 508C) that offer TCP/UDP/IP transport 510/512. Depending on the type of physical interface required, the sessions are switched to BSD network interfaces (ifnet) 514 (514A, 514B, 514C) which handle the appropriate technology. Three different illustrated technology drivers are shown: Wi-Fi 516, Bluetooth 518, and cellular 520.
It is well understood within the networking arts that different application types are associated with different capabilities and requirements. One such example is real time applications 502, commonly used for e.g., streaming audio/visual and/or other “live” data. Real time data has significant latency and/or throughput restrictions; moreover, certain real time applications may not require (and/or support) retransmission for reliable delivery of lost or corrupted data. Instead, real time applications may lower bandwidth requirements to compensate for poor transmission quality (resulting in lower quality, but timely, delivered data).
Another such example is interactive applications 504, commonly used for e.g., human input/output. Interactive data should be delivered at latencies that are below the human perceptible threshold (within several milliseconds) to ensure that the human experience is relatively seamless. This latency interval may be long enough for a retransmission, depending on the underlying physical technology. Additionally, human perception can be more or less tolerant of certain types of data corruptions; for example, audio delays below 20 ms are generally imperceptible, whereas audio corruptions (pops and clicks) are noticeable. Consequently, some interactive applications may allow for some level of error correction and/or adopt less aggressive bandwidth management mechanisms depending on the acceptable performance requirements for human perception.
In contrast to real time applications and interactive applications, file transfer applications 506 require perfect data fidelity without latency restrictions. To these ends, most file transfer technologies support retransmission of lost or corrupted data, and retransmission can have relatively long attempt intervals (e.g., on the order of multiple seconds to a minute).
Similarly, within the communication arts, different communication technologies are associated with different capabilities and requirements. For example, Wi-Fi 516 (wireless local area networking based on IEEE 802.11) is heavily based on contention based access and is best suited for high bandwidth deliveries with reasonable latency. Wi-Fi is commonly used for file transfer type applications. Bluetooth 518 (personal area networking) is commonly used for low data rate and low latency applications. Bluetooth is commonly used for human interface devices (e.g., headphones, keyboards, and mouses). Cellular network technologies 520 often provide non-contention based access (e.g., dedicated user access) and can be used over varying geographic ranges. Cellular voice or video delivery is a good example of streaming data applications. Artisans of ordinary skill in the related arts will readily recognize that the foregoing examples are purely illustrative, and that different communication technologies are often used to support a variety of different types of application data. For example, Wi-Fi 516 can support file transfer, real time data transmission and/or interactive data with equivalent success.
Referring back to
Moreover, in the computing arts, a “locking” synchronization mechanism is used by the kernel to enforce access limits (e.g., mutual exclusion) on resources in multi-threaded execution. During operation, each thread acquires a lock before accessing the corresponding locked resources data. In other words, at any point in time, the processor is necessarily limited to only the resources available to its currently executing process thread.
Unfortunately, each of the applications has different latency, throughput and processing utilization requirements. Since, each of the network interfaces is sending and receiving data at different times, in different amounts, and with different levels of priority. From a purely logistical standpoint, the kernel is constantly juggling between high priority kernel threads (to ensure that the high priority hardware activities do not stall out) while still servicing each of its concurrently running applications to attempt to provide acceptable levels of service. In some cases, however, the kernel is bottlenecked by the processor's capabilities. Under such situations, some threads will be deprioritized; currently, the traditional networking stack architecture is unable it clearly identify which threads can be deprioritized while still providing acceptable user service.
For example, consider an “expected use” device of
Unfortunately, the addition of an unexpected amount of additional secondary interactive applications 504 (e.g., remote control interface, headphones, and/or other interface devices) and/or background file transfer applications can easily overwhelm the processor. Specifically, the primary real time application does not get enough CPU cycles to run within its time budget, because the kernel threads handling networking are selected at a higher priority. In other words, the user space application is not able to depress the priority of kernel networking threads (which are servicing both the primary and secondary processes). This can result in significantly worse user experience when the video rendering stalls out (video frame misses or video frame drops); whereas simply slowing down a file transfer or degrading the interaction interface may have been preferable.
Prior art solutions have tailored software for specific device implementations (e.g., the Apple TV®). For example, the device can be specifically programmed for an expected use. However, tailored solutions are becoming increasingly common and by extension the exceptions have swallowed the more generic use case. Moreover, tailored solutions are undesirable from multiple software maintenance standpoints. Devices have limited productive lifetimes, and software upkeep is non-trivial.
Ideally, a per-application or per-profile workload optimization would enable a single processor (or multiple processors) to intelligently determine when and/or how too intelligently context switch and/or prioritize its application load (e.g., in the example of
Exemplary Networking Architecture—
A networking stack architecture and technology that caters to the needs of non-kernel based networking use cases is disclosed herein. Unlike prior art monolithic networking stacks, the exemplary networking stack architecture described hereinafter includes various components that span multiple domains (both in-kernel, and non-kernel), with varying transport compositions, workload characteristics and parameters.
In one exemplary embodiment, a networking stack architecture is disclosed that provides an efficient infrastructure to transfer data across domains (user space, non-kernel, and kernel). Unlike the traditional networking paradigm that hide the underlying networking tasks within the kernel and substantially limits control thereof by any non-kernel applications, the various embodiments described herein enable faster and more efficient cross domain data transfers.
Various embodiments of the present disclosure provide a faster and more efficient packet input/output (I/O) infrastructure than prior art techniques. Specifically, unlike traditional networking stacks that use a “socket” based communication, disclosed embodiments can transfer data directly between the kernel and user space domains. Direct transfer reduces the per-byte and per-packet costs relative to socket based communication. Additionally, direct transfer can improve observability and accountability with traffic monitoring.
In one such variant, a simplified data movement model that does not require mbufs (memory buffers) is described in greater detail herein. During one such exemplary operation, the non-kernel processes can efficiently transfer packets directly to and from the in-kernel drivers.
In another embodiment, a networking stack architecture is disclosed that exposes the networking protocol stack infrastructure to user space applications via network extensions. In one such embodiment, the network extensions are software agents that enable extensible, cross-platform-capable, user space control of the networking protocol stack functionality. In another such embodiment, an in-process user space networking stack facilitates tighter integration between the protocol layers (including TLS) and the application or daemon. In some cases, the user space architecture can expose low-level networking interfaces to transport protocols and/or encapsulation protocols such as UDP, TCP, and QUIC; and enable network protocol extensions and rapid development cycles. Moreover, artisans of ordinary skill in the related arts, given the contents of the present disclosure, will readily appreciate that the various principles described herein may be applied to a variety of other operating systems (such as Windows, Linux, Unix, Android), and/or other cross platform implementations.
In some variants, exemplary embodiments of the networking stack can support multiple system-wide networking protocol stack instances (including an in-kernel traditional network stack). Specifically, in one such variant, the exemplary networking stack architecture coexists with the traditional in-kernel networking stack so as to preserve backwards compatibility for legacy networking applications. In such implementations, the in-kernel network stack instance can coexist with the non-kernel network stack via namespace sharing and flow forwarding.
As used herein, an “instance” may refer to a single copy of a software program or other software object; “instancing” and “instantiations” refers to the creation of the instance. Multiple instances of a program can be created; e.g., copied into memory several times. Software object instances are instantiations of a class; for example, a first software agent and second software instance are each distinct instances of the software agent class.
In one such implementation, load balancing for multiple networking stacks is handled within the kernel, thereby ensuring that no single networking stack (including the in-kernel stack) monopolizes system resources.
As a related variant, current/legacy applications can be handled within the in-kernel stack. More directly, by supporting a separate independent in-kernel BSD stack, legacy applications can continue to work without regressions in functionality and performance.
As shown, a user space application 602 can initiate a network connection by instancing user space protocol stacks 604. Each user space protocol stacks includes network extensions for e.g., TCP/UDP/QUIC/IP, cryptography, framing, multiplexing, tunneling, and/or any number of other networking stack functionalities. Each user space protocol stack 604 communicates with one or more nexuses 608 via a channel input/output (I/O) 606. Each nexus 608 manages access to the network drivers 610. Additionally shown is legacy application 612 support via existing network socket technologies 614. While the illustrated embodiment shows nexus connections to both user space and in-kernel networking stacks, it is appreciated that the nexus may also enable e.g., non-kernel networking stacks (such as may be used by a daemon or other non-kernel, non-user process).
The following topical sections hereinafter describe the salient features of the various logical constructs in greater detail.
Exemplary I/O Infrastructure
In one exemplary embodiment, the non-kernel networking stack provides a direct channel input output (I/O) 606. In one such implementation, the channel I/O 606 is included as part of the user space protocol stack 604. More directly, the channel I/O 606 enables the delivery of packets as a raw data I/O into kernel space with a single validation (e.g., only when the user stack provides the data to the one or more nexuses 608). The data can be directly accessed and/or manipulated in situ, the data need not be copied to an intermediary buffer.
In one exemplary implementation, a channel is an I/O scheme leveraging kernel-managed shared memory. During an access, the channel I/O is presented to the process (e.g., the user process or kernel process) as a file descriptor based object, rather than as data. In order to access the data, the process de-references the file descriptor for direct access to the shared memory within kernel space. In one such implementation, the file descriptor based object based I/O is compatible with existing operating system signaling and “eventing” (event notification/response) mechanisms. In one exemplary variant, the channel I/O is based on Inter Process Communication (IPC) packets.
As used herein, the term “descriptor” may refer to data structures that indicate how other data is stored. Descriptors generally include multiple parameters and can be used to identify more complex data structures; for example, a descriptor may include one or more of type, size, address, tag, flag, headers, footers, metadata, structural links to other data descriptors or locations, and/or any other number of format or construction information.
Within the context of the present disclosure, as used herein, the term “pointer” may refer to a specific reference data type that “points” or “references” a location of data in memory. Typically, a pointer stores a memory address that is interpreted by a compiler as an absolute location in system memory or a relative location in system memory based on e.g., a base address, reference address, memory window, or other memory subset. During operation, a pointer is “de-referenced” to recover the data that is stored in the location of memory.
As used herein, the term “metadata” refers to data that describes data. Metadata varies widely in application, but generally falls into one of the descriptive, structural, and/or administrative categories. Descriptive metadata describes data in a manner to enable e.g., discovery and/or identification. Common examples include without limitation e.g., type, size, index tags, and keywords. Structural metadata describes the structure of the data e.g., how compound objects are put together. Common examples include without limitation e.g., prefix, postfix, table of contents, order, and/or any other information that describes the relationships and other characteristics of digital materials. Administrative metadata provides information to help manage a resource; common examples include e.g., authorship and creation information, access privileges, and/or error checking and security based information (e.g., cyclic redundancy checks (CRC), parity, etc.)
In one exemplary embodiment, the channel I/O can be further leveraged to provide direct monitoring of its corresponding associated memory. More directly, unlike existing data transfers which are based on mbuf based divide/copy/move, etc., the channel I/O can provide (with appropriate viewing privileges) a direct window into the memory accesses of the system. Such implementations further simplify software development as debugging and/or traffic monitoring can be performed directly on traffic. Direct traffic monitoring can reduce errors attributed to false positives/false negatives caused by e.g., different software versioning, task scheduling, compiler settings, and/or other software introduced inaccuracies.
More generally, unlike prior art solutions which relied on specialized networking stack compositions to provide different degrees of visibility at different layers, the monitoring schemes of the present disclosure provide consistent system-wide channel monitoring infrastructures. Consistent frameworks for visibility, accounting, and debugging greatly improve software maintenance and upkeep costs.
Additionally, simplified schemes for egress filtering can be used to prevent traffic spoofing for user space networking stack instances. For example, various embodiments ensure that traffic of an application cannot be hijacked by another malicious application (by the latter claiming to use the same tuple information, e.g. TCP/UDP port).
In one exemplary embodiment, the in-kernel network device drivers (e.g. Wi-Fi, Cellular, Ethernet) use simplified data movement models based on the aforementioned channel I/O scheme. More directly, the user space networking stacks can directly interface to each of the various different technology based network drivers via channel I/O; in this manner, the user space networking stacks do not incur the traditional data mbuf based divide/copy/move penalties. Additionally, user space applications can directly access user space networking components for immediate traffic handling and processing.
Exemplary Nexus
In one exemplary embodiment, the networking stack connects to one or more nexus 608. In one such implementation, the nexus 608 is a kernel space process that arbitrates access to system resources including, without limitation e.g., shared memory within kernel space, network drivers, and/or other kernel or user processes. In one such variant, the nexus 608 aggregates one or more channels 606 together for access to the network drivers 610 and/or shared kernel space memory.
In one exemplary implementation, a nexus is a kernel process that determines the format and/or parameters of the data flowing through its connected channels. In some variants, the nexus may further perform ingress and/or egress filtering.
The nexus may use the determined format and/or parameter information to facilitate one-to-one and one-to-many topologies. For example, the nexus can create user-pipes for process-to-process channels; kernel-pipes for process-to-kernel channels; network interfaces for direct channel connection from a process to in-kernel network drivers, or legacy networking stack interfaces; and/or flow-switches for multiplexing flows across channels (e.g., switching a flow from one channel to one or more other channels).
Additionally, in some variants the nexus may provide the format, parameter, and/or ingress egress information to kernel processes and/or one or more appropriately privileged user space processes.
In one exemplary embodiment, the nexus 608 may additionally ensure that there is fairness and/or appropriately prioritize each of its connected stacks. For example, within the context of
In one such embodiment, in-kernel, non-kernel, and/or user space infrastructures ensure fairness and can reduce latency due to e.g., buffer bloat (across channels in a given nexus, as well as flows within a channel). In other words, the in-kernel and/or user space infrastructures can negotiate proper buffering sizes based on the expected amount of traffic and/or network capabilities for each flow. By buffering data according to traffic and/or network capability, buffers are not undersized or oversized.
As a brief aside, “buffer bloat” is commonly used to describe e.g., high latency caused by excessive buffering of packets. Specifically, buffer bloat may occur when excessively large buffers are used to support a real time streaming application. As a brief aside, TCP retransmission mechanism relies on measuring the occurrence of packet drops to determine the available bandwidth. Under certain congestion conditions, excessively large buffers can prevent the TCP feedback mechanism from correctly inferring the presence of a network congestion event in a timely manner (the buffered packets “hide” the congestion, since they are not dropped). Consequently, the buffers have to drain before TCP congestion control resets and the TCP connection can correct itself.
Referring back to
While the foregoing example is based on “fairness” standard, artisans of ordinary skill in the related arts will readily appreciate that other schemes may be substituted with equivalent success given the contents of the present disclosure. For example, some embodiments may dynamically or statically service the user application networking space with greater or less weight compared to the legacy socket based access. For example, user application networking space may be more heavily weighted to improve overall performance or functionality, whereas legacy socket based access may be preferred where legacy applications are preferentially supported (e.g., see Protocol Unloading and Offloading, discussed infra).
Exemplary Network Extensions
In one exemplary embodiment of the present disclosure, a network extension is disclosed. A network extension is an agent-based extension that is tightly coupled to network control policies. The agent is executed by the kernel and exposes libraries of network control functionality to user space applications. During operation, user space software can access kernel space functionality through the context and privileges of the agent.
As used herein, the term “agent” may refer to a software agent that acts for a user space application or other program in a relationship of agency with appropriate privileges. The agency relationship between the agent and the user space application implies the authority to decide which, if any, action is appropriate given the user application and kernel privileges. A software agent is privileged to negotiate with the kernel and other software agents regarding without limitation e.g., scheduling, priority, collaboration, visibility, and/other sharing of user space and kernel space information. While the agent negotiates with the kernel on behalf of the application, the kernel ultimately decides on scheduling, priority, etc.
Various benefits and efficiencies can be gained through the use of network extensions. In particular, user space applications can control the protocol stack down to the resolution of exposed threads (i.e., the threads that are made available by the agent). In other words, software agents expose specific access to lower layer network functionality which was previously hidden or abstracted away from user space applications. For example, consider the previous examples of TLS record sizing (see e.g.,
Similarly, consider the previous examples of multi-threading within the context of expected use devices (see e.g.,
As a related benefit, since a software agent represents the application to the kernel; the agent can trust the kernel, but the kernel may or may not trust the agent. For example, a software agent can be used by the kernel to convey network congestion information in a trusted manner to the application; similarly, a software agent can be used by an application to request a higher network priority. Notably, since a software agent operates from user space, the agent's privilege is not promoted to kernel level permissions. In other words, the agent does not permit the user application to exceed its privileges (e.g., the agent cannot commandeer the network driver at the highest network priority, or force a read/write to another application's memory space without the other kernel and/or other application's consent).
Networking extensions allow the user space application to execute networking communications functionality within the user space and interpose a network extension between the user space application and the kernel space. As a result, the number of cross domain accesses for complex layering of different protocol stacks can be greatly reduced. Limiting cross domain accesses prevents context switching and allows the user space to efficiently police its own priorities. For example, consider the previous example of a VPN session as was previously illustrated in
As used herein, the term “interposition” may refer to the insertion of an entity between two or more layers. For example, an agent is interposed between the application and the user space networking stack. Depending on the type of agent or network extension, the interposition can be explicit or implicit. Explicit interposition occurs where the application explicitly instances the agent or network extension. For example, the application may explicitly call a user space tunnel extension. In contrast, implicit interposition occurs where the application did not explicitly instance the agent or network extension. Common examples of implicit interposition occur where one user space application sniffs the traffic or filters the content of another user space application.
Namespace Sharing & Flow Forwarding Optimizations
In one exemplary optimization of the present disclosure, the nexus includes a namespace registration and management component that manages a common namespace for all of its connected networking stack instances. As a brief aside, a namespace generally refers to a set of unique identifiers (e.g., the names of types, functions, variables) within a common context. Namespaces are used to prevent naming “collisions” which occur where multiple processes call the same resource differently and/or call different resources the same.
In one such implementation, the shared networking protocol has a common namespace (e.g., {Address, Protocol, and Port}) across multiple networking stack instances. Sharing a namespace between different networking stacks reduces the amount of kernel burden, as the kernel can natively translate (rather than additionally adding a layer of network address translation).
For example, if a first application acquires port 80, the namespace registration ensures that other applications will not use port 80 (e.g., they can be assigned e.g., port 81, 82, etc.) In some such implementations, legacy clients may use default namespaces that conflict (e.g., a default web client may always select port 80); thus the shared namespace registration may also be required to force a re-assignment of a new identifier (or else translate for) such legacy applications.
In one exemplary embodiment, the namespace registration and management components control flow-switching and forwarding logic of each flow-switch nexus instance. For example, as previously noted, the nexus can create user-pipes for process-to-process channels; kernel-pipes for process-to-kernel channels; network interfaces for direct channel connection from a process to in-kernel network drivers, or legacy networking stack interfaces; and/or flow-switches for multiplexing flows across channels (e.g., switching a flow from one channel to one or more other channels).
For example, during normal operation when an application requests a port, the namespace registration and management will create a flow and assign a particular port to the application. Subsequent packets addressed to the port will be routed appropriately to the flow's corresponding application. In one such variant, packets that do not match any registered port within the shared namespace registration and management will default to the legacy networking stack (e.g., the flow-switch assumes that the unrecognized packet can be parsed and/or ignored by the fallback legacy stack).
Artisans of ordinary skill in the related arts will readily appreciate, given the contents of the present disclosure that disparate and/or otherwise distinct namespace registrations and/or management components may be preferable based on other implementation specific considerations. For example, some implementations may prefer to shield namespaces from other external processes e.g., for security and/or privacy considerations. In other implementations, the benefits associated with native namespace translation may be less important than supporting legacy namespaces.
Protocol Onloading and Offloading
In the foregoing discussions, the improvements to user space operation may be primarily due to the user space networking stack, as shown in
Colloquially, the term “hardware offload” may be commonly used to denote tasks which can be handled within dedicated hardware logic to improve overall processing speed or efficiency. One such example is the cyclic redundancy check (CRC) calculation which is an easily parameterized, closed, iterative calculation. The characteristics of CRC calculation lend itself to hardware offload because the CRC does not benefit from the flexibility of a general purpose processor, and CRC calculations are specialized functions that are not transferable to other processing operations.
By analogous extension, as used herein, the term “protocol offload” may refer to processes that should be handled within the legacy networking stack because they are not specific to a user space application or task. In contrast, the term “protocol onload” may refer to processes that should be handled within a user space networking stack because they are specific to a user space application or task and benefit the overall performance. As a general qualitative criteria, tasks which are “fast” (e.g., generally UDP/TCP/IP based user space applications) are protocol onloaded to improve user performance; in contrast “slow” tasks (e.g., ARP, IPv6 Neighbor Discovery, Routing table updates, control path for managing interfaces, etc.) are protocol offloaded.
For example, consider Address Resolution Protocol (ARP) request handling; when an ARP request comes in, the host processor responds with a reply. However, the ARP request is non-specific to a user space application; rather the ARP reply concerns the holistic system. More generally, any networking process that is not specific to an application space can be implemented within the kernel under legacy techniques. Alternatively, any process that can be handled regardless of device state should remain with the kernel (e.g., the kernel persists across low power states, and is never killed).
By allowing the mature in-kernel networking stack to retain ownership of certain control logic (e.g. routing and policy table, interface configuration, address management), various embodiments of the present disclosure avoid “split-brain” behaviors. In other words, the kernel ensures that networking data and/or availability remains consistent regardless of the user space application availability.
Exemplary User Space Networking Stack
Referring now to
In one exemplary embodiment, the user space networking stack 700 is instantiated within an application user space 718. More directly, the user space networking stack 700 is treated identically to any one of multiple threads 710 within the application user space 718. Each of the coexisting threads 720 has access to the various functions and libraries offered by the user space networking stack via a direct function call.
As a brief aside, each of the threads 720 reside within the same address space. By virtue of their shared addressability, each of the threads may grant or deny access to their portions of shared address space via existing user space memory management schemes and/or virtual machine type protections. Additionally, threads can freely transfer data structures from one to the other, without e.g., incurring cross domain penalties. For example, TCP data 710 can be freely passed to TLS 706 as a data structure within a user space function call.
As previously noted, the user space networking stack 700 may grant or deny access to other coexistent user space threads; e.g., a user space thread is restricted to the specific function calls and privileges made available via the application interface 702. Furthermore, the user space networking stack 700 is further restricted to interfacing the operating system via the specific kernel function calls and privileges made available via the operating system interface 704. In this manner, both the threads and the user space networking stack have access and visibility into the kernel space, without compromising the kernel's security and stability.
One significant benefit of the user space networking stack 700 is that networking function calls can be made without acquiring various locks that are present in the in-kernel networking stack. As previously noted, the “locking” mechanism is used by the kernel to enforce access limits on multiple threads from multiple different user space applications; however in the user space, access to shared resources are handled within the context of only one user application space at a time, consequently access to shared resources are inherently handled by the single threading nature of user space execution. More directly, only one thread can access the user space networking stack 700 at a time; consequently, kernel locking is entirely obviated by the user space networking stack.
Another benefit of user space based network stack operation is cross platform compatibility. For example, certain types of applications (e.g., iTunes®, Apple Music® developed by the Assignee hereof) are deployed over a variety of different operating systems. Similarly, some emerging transport protocols (e.g. QUIC) are ideally served by portable and common software between the client and server endpoints. Consistency in the user space software implementation allows for better and more consistent user experience, improves statistical data gathering and analysis, and provides a foundation for enhancing, experimenting and developing network technologies used across such services. In other words, a consistent user space networking stack can be deployed over any operating system platform without regard for the native operating system stack (e.g., which may vary widely).
Another important advantage of the exemplary user space networking stack is the flexibility to extend and improve the core protocol functionalities, and thus deliver specialized stacks based on the application's requirements. For example, a video conferencing application (e.g., FaceTime® developed by the Assignee hereof) may benefit from a networking stack catered to optimize performance for real-time voice and video-streaming traffics (e.g., by allocating more CPU cycles for video rendering, or conversely deprioritizing unimportant ancillary tasks). In one such variant, a specialized stack can be deployed entirely within the user space application, without specialized kernel extensions or changes to the kernel. In this manner, the specialized user space networking stack can be isolated from networking stacks. This is important both from a reliability standpoint (e.g., updated software doesn't affect other software), as well as to minimize debugging and reduce development and test cycle times.
Furthermore, having the network transport layer (e.g. TCP, QUIC) reside in user space can open up many possibilities for improving performance. For example, as previously alluded to, applications (such as TLS) can be modified depending on the underlying network connections. User space applications can be collapsed or tightly integrated into network transports. In some variants, data structure sizes can be adjusted based on immediate lower layer network condition information (e.g., to accommodate or compensate for poor network conditions). Similarly, overly conservative or under conservative transport mechanisms can be avoided (e.g., too much or not enough buffering previously present at the socket layer). Furthermore, unnecessary data copies and/or transforms can be eliminated and protocol signaling (congestion, error, etc.) can be delivered more efficiently.
In yet another embodiment, the exemplary user space networking stack further provides a framework for both networking clients and networking providers. In one such variant, the networking client framework allows the client to interoperate with any network provider (including the legacy BSD stack). In one such variant, the network provider framework provides consistent methods of discovery, connection, and data transfer to networking clients. By providing consistent frameworks for clients and providers which operate seamlessly over a range of different technologies (such as a VPN, Bluetooth, Wi-Fi, cellular, etc.), the client software can be greatly simplified while retaining compatibility with many different technologies.
Exemplary Proxy Agent Application Operation
Inside the kernel, the data is divided/copied/moved for delivery via the TCP/IP stack 806/808 to the BSD network interface 810A. The BSD network interface 810A routes the data to a virtual driver 812A. These steps may introduce buffering delays as well as improper buffer sizing issues such as buffer bloat.
In order to access the application proxy (which is in a different user space), the virtual driver reroutes the data to a second socket 804B which is in the different user space from the original application. This constitutes a second domain crossing, which incurs additional validation and context switching penalties.
In user space, the data enters an agent 814 which prepares the data for delivery (tunneling 816, framing 818, and cryptographic security 820). Thereafter, the proxy agent 814 transmits the prepared data via a socket 804B to route data packets to a user space driver 822 via the TCP/IP 806/808 and a separate BSD network interface 810B. Again, the data is passed through the socket 804B. This is a third domain crossing, with validation and context switching penalties.
Inside the kernel, the data is divided/copied/moved for delivery via the TCP/IP stack 806/808 to a BSD network interface 810B. The steps of The BSD network interface 810B routes the data to a virtual driver 812B. These steps introduce additional buffering delays as well as improper buffer sizing issues such as buffer bloat.
Finally, the virtual driver 812B reroutes the data to the user space driver (e.g., a Universal Serial Bus (USB) driver), which requires another socket transfer from 804B to 804C; the data crosses into the user space for the user based driver 822, and crosses the domain a fifth time to be routed out the USB Hardware (H/W) driver 824. Each of these domain crossings are subject to the validation and context switching penalties as well as any buffering issues.
As shown therein, an application 902 provides data via shared memory space file descriptor objects to the agent 904. The agent 904 internally processes the data via TCP/IP 906/908 to the tunneling function 910. Thereafter, the data is framed 912, cryptographically secured 914, and routed via TCP/IP 906/908 to the user driver 916. The user driver uses a channel I/O to communicate with nexus 918 for the one (and only) domain crossing into kernel space. Thereafter, the nexus 918 provides the data to the H/W driver 920.
When compared side-by-side, the user space networking stack 900 has only one (1) domain crossing, compared to the traditional networking stack 800 which crossed domains five (5) times for the identical VPN operation. Moreover, each of the user space applications could directly pass data via function calls within user memory space between each of the intermediary applications, rather than relying on the kernel based generic mbuf divide/copy/move scheme (and its associated buffering inefficiencies).
Exemplary Driver Managed Pool Resources
In prior implementations, a single BSD communications stack (e.g., TCP/IP) was executed in kernel space by the O/S. Accordingly, in order for a user space application to transfer data (e.g., through a Wi-Fi interface), the user space application would need to write to a socket in order to hand over this data from the user space to the kernel space. The fact that the single BSD communications stack resided in the kernel space ensured security for the transferred data. Moreover, traditional implementations would utilize a global pool of mbufs for all data transfers (e.g., for domain crossing transactions) in the BSD communications stack. The use of this global pool of mbufs was “secure” in prior implementations since read and write accesses to the global pool of mbufs was managed by processes within the kernel space. Moreover, in order to extend the security of this architecture to include bus-master capable hardware devices, device drivers would deploy bounce buffer schemes in order to restrict hardware access to the global pool of mbufs.
However, the assumptions of the prior single BSD stack scheme may not be particularly suitable for various embodiments of the present disclosure. In particular, a number of potential deficiencies may be introduced when user space applications instantiate their own communications stack within the user space. For example, the use of a global pool of mbufs is no longer secure; for example, one application, which is running its own communication stack from within the user space, could write into and/or read from another application's pool of data resources. Moreover, one application could conceivably “hoard” a significant amount of the global pool of mbufs (e.g., most or all), leaving other applications with insufficient memory resources to service their own processes or requests.
Additionally, the existing global pool of mbufs was a “one-size-fits-all” solution, which may result in an inefficient use of memory space. For example, the global pool of mbufs may be over-sized compared to the actual demands of the system in order to handle all potential use cases, whether or not these potential use cases would actually be used by the system. Additionally, consider a scenario in which each mbuf is of a fixed memory size (e.g., 2 KB). A given application may be required to transfer (to and/or from) an amount of data that does not neatly fit in the fixed memory size mbufs. For example, an application that transfers 2.5 KB of data would require two 2 KB mbufs (e.g., 4 KB). Accordingly, 4 KB of memory resources would be allocated in order to ensure the transfer of 2.5 KB of data, resulting in 1.5 KB of memory resources that are underutilized and unavailable for other applications.
Implementations are now described which address the foregoing deficiencies associated with, for example, implementation of application communication stacks within the user space.
Referring now to
As shown in
In one exemplary embodiment, the flow switch 1008 apparatus is responsible for transferring data between pools 1006 and pools 1010. In some implementations, the flow switch apparatus 1008 may read data from one pool resource (e.g., pool 1006A) and write this data to another pool resource (e.g., pool 1010B) and vice versa. As an alternative implementation, the flow switch apparatus may redirect a pointer so as to enable data to be transferred from one pool resource (e.g., pool 1010B) to another pool resource (e.g., pool 1006A) and vice versa. In the case of trusted applications (e.g., first party applications), the single-entity managed pool of resources 1010 may be accessed directly via respective channels 1004. In some variants, this data may be compressed prior to transfer and decompressed prior to being read and/or may be encrypted prior to transfer and decrypted prior to being read. These and other variants would be readily apparent to one of ordinary skill given the contents of the present disclosure.
In some implementations, each managed pool of resources (e.g., by respective drivers 1010A, 1010B) are exclusively managed by a single entity (e.g., by respective drivers 1012A, 1012B). More directly, each driver 1012 may have exclusive control over its respective managed pool of resources 1010 and may further decide what data is transferred to/from its respective managed pool of resources 1010, along with how much data may be transferred to/from its respective managed pool of resources 1010 as well as what applications 1002 have access to its respective managed pool of resources 1010.
In some variants, the single entity may only allow unidirectional access e.g., either read from (or write to) the managed pool of resources 1010. Consequently, the single entity may allow unidirectional access e.g., either write to (or read from) the pool of resources 1006 associated with a given application. For example, driver 1012B entities may limit pool 1010B to only receiving or transmitting data.
In some alternative implementations, a pool of resources 1010 may be directly accessible via a channel 1004. Such implementations may be useful to boost the performance of trusted applications (such as so-called “first party” applications i.e., applications designed and implemented by the manufacturer of the device, “second party” applications i.e., applications designed and implemented by a trusted partner or vendor, etc.).
Referring now to
As used herein, “wired” memory refers to memory allocations that are backed by actual physical memory; in contrast, “unwired” or “purgeable” memory refers to memory allocations that may be either actually present or virtually present (virtually present memory can be recalled from a larger backing memory, with a page fault penalty). Notably, the aforementioned mbufs for traditional in-kernel operation and driver I/O bounce buffers are wired memory; however, the memory allocations for channel I/O (e.g., buffers) disclosed in the various described embodiments are generally purgeable (with a few exceptions described in greater detail, infra). The ability to purge memory allocations for channel I/O can be used to facilitate memory reclamation.
The memory segments that contain the buffers 1024 pointed to by the buflets 1022 may be mapped to input/output (I/O) address space for direct memory access (DMA) operation, via the DART/IOMMU DMA mapping that occurs at the slab (segment) level. Each pool may solely be allocated to/requested by/managed by a single entity. For example, this single entity may be the aforementioned driver 1012, or may even be the application itself 1002 in some implementations. In instances in which the application 1002 manages the buflets 1022, the application 1002 may preferably be a trusted application (e.g., a first party application as opposed to, for example, a third party application). The buffer or object 1018 sizes themselves may be individually determined (and controlled) by the aforementioned single entity allowing for customized usage cases that may be dependent upon, for example, the data sizes to be transmitted to/from a respective application 1002. This dedicated mapping may also allow for direct memory mapped reads and/or writes without, for example, contention management and/or duplicate copies thereby enabling a so-called “zero-copy architecture” or reduced copy requirements. Zero-copy architectures do not copy data from one memory area to another which saves processor cycles and memory bandwidth.
For example, a device driver 1012 may require a pool of packet buffers (e.g., segment 1016) to support direct memory access (DMA) to buffered memory 1024. In order to support DMA within, for example, this shared purgeable memory; the single entity (e.g., the driver and/or application) may dynamically map segments 1016 into the Input/Output Memory Management Unit (IOMMU) or DMA Address Relocation Table (DART) aperture. In some variants, the single entity managed pool of resources 1010 may be controlled by the driver 1012 (e.g., not by the user or kernel process). Various embodiments may further allow the pool 1010 to be exclusive to the driver 1012, or shared among several drivers 1012A, 1012B. Read and write attributes may also be restricted on both the host and the device side based on the I/O direction.
More directly, a system global packet buffer pool is suboptimal in terms of resource allocation, and does not offer the ability to deploy device/driver specific security policies. In contrast, a buffer pool that is individually controlled by a single entity (e.g., driver, etc.) may be managed and owned by, for example, a single driver (or jointly shared managed and owned among several drivers). The owner of the pool handles notifications to dynamically map and unmap the pool's memory segment from its device IOMMU aperture. This same notification may also wire/un-wire the memory as needed. Read and write attributes may also be restricted on both the host and the device side based on the I/O transfer direction for added security.
Referring now to
As a brief aside, a driver (or device driver) may be a computer program that operates or controls a particular type of device that is attached to (or part of) a computing system. In other words, a driver provides a software interface to hardware logic located within a computing system so as to enable, for example, an O/S or other computer program to access hardware functions for the hardware logic, without needing to know the underlying details about the hardware logic being used. Exemplary drivers may interface with, for example, video adapters (e.g., a graphics card), network adapters (e.g., Wi-Fi, Bluetooth®, or other networking modules), sound cards, local buses (e.g., an inter-processor communications bus), computer storage, etc. In some implementations, the single entity may share the single-entity managed pool 1010 with an application residing in user space (e.g., a first party application such as, for example, FaceTime, etc. manufactured or developed by the Assignee of the present application).
The single entity may request and/or establish its pool of resources dependent upon the requirements of the application(s) that need access to this pool of resources. For example, in the context of a single entity Wi-Fi driver, the pool of resources may be established in accordance with the number of applications that may need access to the Wi-Fi driver. In other words, more resources may be allocated when two or more applications require access to the Wi-Fi driver than if a single application requires access to the Wi-Fi driver. The pool of resources may also be established dependent upon the memory requirements of, for example, individual applications. For example, more resources may be allocated for an application that services streaming video than for an application that merely services graphics or text. Pool resources may also be determined based on hardware characteristics such as, for example, bandwidth considerations, transmission latency, hardware management traffic, etc.
The established pool of resources may dedicate one or more regions to, for example, a given application. Within the one or more regions, the size of the slabs or segments may be dynamically chosen dependent upon the types (and sizes) of data transfers that would be expected within the given application. Moreover, the object size may also be dynamically chosen dependent upon the types (and sizes) of data transfers that would be expected within the given application. For example, an object may be sized to accommodate the types of metadata that would be typical for a given application as well as choosing the number of buflets within a given object. These and other variations would be readily apparent to one of ordinary skill given the contents of the present disclosure.
In some trusted applications, a given channel associated with an application may be directly mapped to a driver pool. For example, such a variant may be useful for first party applications. The established pool of resources may also limit access types for, for example, a given application. In other words, one established memory pool (or portion thereof) may be dedicated to write only memory accesses, while another established memory pool (or portion thereof) may be dedicated to read only memory accesses and vice versa. In some implementations, it may be desirable to limit a given application to write only (or read only) privileges for the established pool of memory resources. Such an implementation may be desirable dependent upon an application's requirements. For example, given an application that displays video received over, for example, a Wi-Fi connection, it may be desirable to establish two dedicated pools of resources, where one is only permitted read only privileges while the other is only permitted write only privileges.
In some implementations, one or more drivers may not use dynamic wiring and/or unwiring (e.g., may create a pool where each memory segment is permanently wired such that the driver has no need to use dynamic wiring and/or unwiring), while other drivers may use dynamic wiring and/or unwiring. For example, some drivers may always require access to wired memory. Some drivers may also require persistent I/O addressing. In other words, these drivers may not dynamically alter their IOMMU mappings. For example, a driver may request that a segment is non-dynamically mapped to a region. In some instances, a given pool of resources for a driver may be monolithic in nature. In other words, the given pool of resources may constitute a single region, and/or slab or segment. Such a variant may be useful in that such an implementation may reduce, for example, IOMMU address translation and reduce the complexity to manage multiple memory segments as well as the IOMMU mapping for each of those segments. These and other variants would be readily apparent to one of ordinary skill given the contents of the present disclosure.
At operation 1120, the one or more applications may be serviced based on the established pool of resources. While servicing the one or more applications based on the established pool of resources, the single entity may determine that more (or less) resources are required at operation 1130. This determination may be periodically determined (e.g., at regular time intervals), or may be determined based on the instantiation of additional applications, or a change in context within already established applications. For example, a user may execute a messaging application which, for example, needs access to a cellular driver for the purpose of transmitting and/or receiving messaging data via a cellular network. The user may open a browser application; in order to handle the increased resource requirements for the browser application; the driver responsively requests resources for communicating with the cellular baseband processor in order to transmit/receive browser application data. Conversely, when the user closes out of the browser application, the cellular driver may determine that resources may be freed up and hence may disassociate, for example, the IOMMU mapping of the browser data.
As but another non-limiting example, consider a usage scenario where a user has executed a messaging application. During normal operation, the messaging application may primarily be used for the transfer of text, graphics, and the like between parties. Accordingly, a first set of memory resources is established. However, at a later point the user may start streaming video to/from another user. Accordingly, when a user initiates streaming services through their messaging application, more resources may be requested by the driver at operation 1130 and the additional resources may be allocated at operation 1140. These and other variations would be readily apparent to one of ordinary skill given the contents of the present disclosure.
It will be recognized that while certain embodiments of the present disclosure are described in terms of a specific sequence of steps of a method, these descriptions are only illustrative of the broader methods described herein, and may be modified as required by the particular application. Certain steps may be rendered unnecessary or optional under certain circumstances. Additionally, certain steps or functionality may be added to the disclosed embodiments, or the order of performance of two or more steps permuted. All such variations are considered to be encompassed within the disclosure and claimed herein.
While the above detailed description has shown, described, and pointed out novel features as applied to various embodiments, it will be understood that various omissions, substitutions, and changes in the form and details of the device or process illustrated may be made by those skilled in the art without departing from principles described herein. The foregoing description is of the best mode presently contemplated. This description is in no way meant to be limiting, but rather should be taken as illustrative of the general principles described herein. The scope of the disclosure should be determined with reference to the claims.
This application claims the benefit of priority to U.S. Provisional Patent Application Ser. No. 62/649,509 filed Mar. 28, 2018 and entitled “Methods and Apparatus for Efficient Data Transfer within User Space Networking Stack Infrastructures”, which is incorporated herein by reference in its entirety.
| Number | Name | Date | Kind |
|---|---|---|---|
| 4805137 | Grant et al. | Feb 1989 | A |
| 4949299 | Pickett | Aug 1990 | A |
| 5367688 | Croll | Nov 1994 | A |
| 5467459 | Alexander et al. | Nov 1995 | A |
| 5485578 | Sweazey | Jan 1996 | A |
| 5506968 | Dukes | Apr 1996 | A |
| 5613086 | Frey et al. | Mar 1997 | A |
| 5659542 | Bell et al. | Aug 1997 | A |
| 5708779 | Graziano et al. | Jan 1998 | A |
| 5731973 | Takaishi et al. | Mar 1998 | A |
| 5850395 | Hauser et al. | Dec 1998 | A |
| 5903564 | Ganmukhi et al. | May 1999 | A |
| 5943507 | Cornish et al. | Aug 1999 | A |
| 6008992 | Kawakami | Dec 1999 | A |
| 6032179 | Osborne | Feb 2000 | A |
| 6216178 | Stracovsky et al. | Apr 2001 | B1 |
| 6233702 | Bunton et al. | May 2001 | B1 |
| 6260152 | Cole et al. | Jul 2001 | B1 |
| 6349355 | Draves et al. | Feb 2002 | B1 |
| 6359863 | Varma et al. | Mar 2002 | B1 |
| 6411997 | Dawes et al. | Jun 2002 | B1 |
| 6485081 | Bingle et al. | Nov 2002 | B1 |
| 6523073 | Kammer et al. | Feb 2003 | B1 |
| 6553446 | Miller | Apr 2003 | B1 |
| 6693895 | Crummey et al. | Feb 2004 | B1 |
| 6815873 | Johnson et al. | Nov 2004 | B2 |
| 6874075 | Jerding et al. | Mar 2005 | B2 |
| 6948094 | Schultz et al. | Sep 2005 | B2 |
| 6973701 | Momoda et al. | Dec 2005 | B2 |
| 6990594 | Kim et al. | Jan 2006 | B2 |
| 7013536 | Golden et al. | Mar 2006 | B2 |
| 7032282 | Powell et al. | Apr 2006 | B2 |
| 7100020 | Brightman et al. | Aug 2006 | B1 |
| 7111307 | Wang | Sep 2006 | B1 |
| 7127600 | Zimmer et al. | Oct 2006 | B2 |
| 7152231 | Galluscio et al. | Dec 2006 | B1 |
| 7281172 | Chujo | Oct 2007 | B2 |
| 7397774 | Holland et al. | Jul 2008 | B1 |
| 7398382 | Rothman et al. | Jul 2008 | B2 |
| 7403542 | Thompson | Jul 2008 | B1 |
| 7506084 | Moerti et al. | Mar 2009 | B2 |
| 7509391 | Chauvel et al. | Mar 2009 | B1 |
| 7587575 | Moertl et al. | Sep 2009 | B2 |
| 7590817 | Moertl et al. | Sep 2009 | B2 |
| 7617377 | Moertl et al. | Nov 2009 | B2 |
| 7681012 | Verm et al. | Mar 2010 | B2 |
| 7685476 | Andre et al. | Mar 2010 | B2 |
| 7802256 | Havens et al. | Sep 2010 | B2 |
| 7853731 | Zeng | Dec 2010 | B1 |
| 7899941 | Hendry et al. | Mar 2011 | B2 |
| 7941682 | Adams | May 2011 | B2 |
| 8214707 | Munson et al. | Jul 2012 | B2 |
| 8230248 | Dance et al. | Jul 2012 | B2 |
| 8239947 | Glick et al. | Aug 2012 | B1 |
| 8255725 | Shimazaki et al. | Aug 2012 | B2 |
| 8271996 | Gould et al. | Sep 2012 | B1 |
| 8352624 | Zimmerman et al. | Jan 2013 | B2 |
| 8468285 | Kobayashi | Jun 2013 | B2 |
| 8555099 | Marinkovic et al. | Oct 2013 | B2 |
| 8561090 | Schneider | Oct 2013 | B2 |
| 8635412 | Wilshire | Jan 2014 | B1 |
| 8656228 | Check et al. | Feb 2014 | B2 |
| 8769168 | Moertl et al. | Jul 2014 | B2 |
| 8788822 | Riddle | Jul 2014 | B1 |
| 8799537 | Zhu et al. | Aug 2014 | B1 |
| 8806640 | Wang | Aug 2014 | B2 |
| 8819386 | Mather | Aug 2014 | B1 |
| 8848809 | Whitby-Strevens | Sep 2014 | B2 |
| 8855120 | Robbins | Oct 2014 | B2 |
| 8876062 | Baghdasarian | Nov 2014 | B1 |
| 9049179 | Luna | Jun 2015 | B2 |
| 9130864 | Keith | Sep 2015 | B2 |
| 9135059 | Ballard | Sep 2015 | B2 |
| 9152580 | Chau et al. | Oct 2015 | B1 |
| 9170957 | Touzni et al. | Oct 2015 | B2 |
| 9280360 | Xu et al. | Mar 2016 | B2 |
| 9319090 | Whitby-Strevens | Apr 2016 | B2 |
| 9483305 | Shmidt et al. | Nov 2016 | B1 |
| 9544069 | Whitby-Strevens et al. | Jan 2017 | B2 |
| 9547535 | Wilt | Jan 2017 | B1 |
| 9594718 | Kaushik et al. | Mar 2017 | B2 |
| 9769756 | Cui et al. | Sep 2017 | B1 |
| 9830289 | Pulyala et al. | Nov 2017 | B2 |
| 9910475 | Kurts et al. | Mar 2018 | B2 |
| 9913305 | Pinheiro et al. | Mar 2018 | B2 |
| 9932757 | Hager et al. | Apr 2018 | B2 |
| 9959124 | Heibeck et al. | May 2018 | B1 |
| 9985904 | Shalev et al. | May 2018 | B2 |
| 10078361 | Sanghi et al. | Sep 2018 | B2 |
| 10230608 | Tsirkin | Mar 2019 | B2 |
| 10289555 | Michaud et al. | May 2019 | B1 |
| 10331600 | Rajadnya | Jun 2019 | B1 |
| 10331612 | Petkov et al. | Jun 2019 | B1 |
| 10534601 | Venkata et al. | Jan 2020 | B1 |
| 10552072 | Bono et al. | Feb 2020 | B1 |
| 10678432 | Dreier et al. | Jun 2020 | B1 |
| 10798059 | Singh et al. | Oct 2020 | B1 |
| 10798224 | Masputra et al. | Oct 2020 | B2 |
| 10819831 | Masputra et al. | Oct 2020 | B2 |
| 10999132 | Sagar et al. | May 2021 | B1 |
| 11095758 | Masputra et al. | Aug 2021 | B2 |
| 11146665 | Masputra et al. | Oct 2021 | B2 |
| 11159651 | Masputra et al. | Oct 2021 | B2 |
| 11178259 | Masputra et al. | Nov 2021 | B2 |
| 11178260 | Masputra et al. | Nov 2021 | B2 |
| 11212373 | Masputra et al. | Dec 2021 | B2 |
| 11368560 | Masputra et al. | Jun 2022 | B2 |
| 11477123 | Masputra et al. | Oct 2022 | B2 |
| 11558348 | Masputra et al. | Jan 2023 | B2 |
| 20010037410 | Gardner | Nov 2001 | A1 |
| 20020013868 | West | Jan 2002 | A1 |
| 20020044553 | Chakravorty | Apr 2002 | A1 |
| 20020053011 | Aiken | May 2002 | A1 |
| 20020065867 | Chauvel | May 2002 | A1 |
| 20020169938 | Scott et al. | Nov 2002 | A1 |
| 20020195177 | Hinkley et al. | Dec 2002 | A1 |
| 20030014607 | Slavin et al. | Jan 2003 | A1 |
| 20030061395 | Kingsbury | Mar 2003 | A1 |
| 20030120935 | Teal et al. | Jun 2003 | A1 |
| 20030200413 | Gurumoorthy et al. | Oct 2003 | A1 |
| 20040010473 | Hsu et al. | Jan 2004 | A1 |
| 20040010545 | Pandya | Jan 2004 | A1 |
| 20040044929 | Chujo | Mar 2004 | A1 |
| 20040105384 | Gallezot | Jun 2004 | A1 |
| 20040128568 | O'Shea | Jul 2004 | A1 |
| 20040179546 | McDaniel et al. | Sep 2004 | A1 |
| 20040201749 | Malloy | Oct 2004 | A1 |
| 20040221056 | Kobayashi | Nov 2004 | A1 |
| 20040228365 | Kobayashi | Nov 2004 | A1 |
| 20040249957 | Ekis et al. | Dec 2004 | A1 |
| 20050055406 | Singhai et al. | Mar 2005 | A1 |
| 20050068897 | Arita et al. | Mar 2005 | A1 |
| 20050076196 | Zimmer et al. | Apr 2005 | A1 |
| 20050076244 | Watanabe | Apr 2005 | A1 |
| 20050108385 | Wechter et al. | May 2005 | A1 |
| 20050114620 | Justen | May 2005 | A1 |
| 20050117601 | Anderson et al. | Jun 2005 | A1 |
| 20050138628 | Bradford et al. | Jun 2005 | A1 |
| 20050140683 | Collins et al. | Jun 2005 | A1 |
| 20050149711 | Zimmer et al. | Jul 2005 | A1 |
| 20050157781 | Ho et al. | Jul 2005 | A1 |
| 20050198777 | Mabe | Sep 2005 | A1 |
| 20050278498 | Ahluwalia et al. | Dec 2005 | A1 |
| 20050285862 | Noda et al. | Dec 2005 | A1 |
| 20060039285 | Chapman et al. | Feb 2006 | A1 |
| 20060047989 | Delgado et al. | Mar 2006 | A1 |
| 20060075119 | Hussain et al. | Apr 2006 | A1 |
| 20060107071 | Girish et al. | May 2006 | A1 |
| 20060136570 | Pandya | Jun 2006 | A1 |
| 20060186700 | Browne et al. | Aug 2006 | A1 |
| 20060186706 | Browne et al. | Aug 2006 | A1 |
| 20060215697 | Olderdissen | Sep 2006 | A1 |
| 20060218301 | O'Toole et al. | Sep 2006 | A1 |
| 20060232051 | Morris et al. | Oct 2006 | A1 |
| 20060248542 | Wang et al. | Nov 2006 | A1 |
| 20070005869 | Balraj et al. | Jan 2007 | A1 |
| 20070008983 | Van Doren et al. | Jan 2007 | A1 |
| 20070043901 | Wu et al. | Feb 2007 | A1 |
| 20070063540 | Browne et al. | Mar 2007 | A1 |
| 20070063541 | Browne et al. | Mar 2007 | A1 |
| 20070070997 | Weitz et al. | Mar 2007 | A1 |
| 20070080013 | Melz et al. | Apr 2007 | A1 |
| 20070086480 | Elzur | Apr 2007 | A1 |
| 20070118831 | Kondo | May 2007 | A1 |
| 20070180041 | Suzuoki | Aug 2007 | A1 |
| 20070183418 | Riddoch et al. | Aug 2007 | A1 |
| 20070201492 | Kobayashi | Aug 2007 | A1 |
| 20070226375 | Chu et al. | Sep 2007 | A1 |
| 20070226417 | Davis | Sep 2007 | A1 |
| 20070255802 | Aloni et al. | Nov 2007 | A1 |
| 20070255866 | Aloni et al. | Nov 2007 | A1 |
| 20070261307 | Alexander et al. | Nov 2007 | A1 |
| 20070286246 | Kobayashi et al. | Dec 2007 | A1 |
| 20080005794 | Inoue | Jan 2008 | A1 |
| 20080007081 | Shibata et al. | Jan 2008 | A1 |
| 20080010563 | Nishimura | Jan 2008 | A1 |
| 20080046689 | Chen et al. | Feb 2008 | A1 |
| 20080077816 | Ravichandran | Mar 2008 | A1 |
| 20080100079 | Herrera et al. | May 2008 | A1 |
| 20080100092 | Gao et al. | May 2008 | A1 |
| 20080120911 | Browne et al. | May 2008 | A1 |
| 20080127292 | Cooper | May 2008 | A1 |
| 20080148291 | Huang | Jun 2008 | A1 |
| 20080183931 | Verm et al. | Jul 2008 | A1 |
| 20080231711 | Glen et al. | Sep 2008 | A1 |
| 20080235355 | Spanier et al. | Sep 2008 | A1 |
| 20080244259 | Zimmer et al. | Oct 2008 | A1 |
| 20080301148 | Lee et al. | Dec 2008 | A1 |
| 20090006920 | Munson et al. | Jan 2009 | A1 |
| 20090024924 | Kim | Jan 2009 | A1 |
| 20090092057 | Doctor et al. | Apr 2009 | A1 |
| 20090113141 | Bullman et al. | Apr 2009 | A1 |
| 20090138650 | Lin et al. | May 2009 | A1 |
| 20090172674 | Bobak et al. | Jul 2009 | A1 |
| 20090177847 | Ceze et al. | Jul 2009 | A1 |
| 20090189442 | Chi | Jul 2009 | A1 |
| 20090225818 | Dapper et al. | Sep 2009 | A1 |
| 20090240874 | Pong | Sep 2009 | A1 |
| 20090265723 | Mochizuki et al. | Oct 2009 | A1 |
| 20090322531 | Estevez et al. | Dec 2009 | A1 |
| 20100005014 | Castle | Jan 2010 | A1 |
| 20100017655 | Gooding et al. | Jan 2010 | A1 |
| 20100049876 | Pope | Feb 2010 | A1 |
| 20100057932 | Pope et al. | Mar 2010 | A1 |
| 20100082859 | Hendry et al. | Apr 2010 | A1 |
| 20100098419 | Levy et al. | Apr 2010 | A1 |
| 20100118041 | Chen | May 2010 | A1 |
| 20100329319 | Dai et al. | Dec 2010 | A1 |
| 20110029696 | Uehara | Feb 2011 | A1 |
| 20110035575 | Kwon et al. | Feb 2011 | A1 |
| 20110052142 | Sultenfuss et al. | Mar 2011 | A1 |
| 20110083002 | Albers et al. | Apr 2011 | A1 |
| 20110161619 | Kaminski et al. | Jun 2011 | A1 |
| 20110219208 | Asaad et al. | Sep 2011 | A1 |
| 20110242425 | Zeng | Oct 2011 | A1 |
| 20110246742 | Kogen | Oct 2011 | A1 |
| 20110276710 | Mighani et al. | Nov 2011 | A1 |
| 20110292936 | Wang et al. | Dec 2011 | A1 |
| 20110310296 | Lee et al. | Dec 2011 | A1 |
| 20110320861 | Bayer et al. | Dec 2011 | A1 |
| 20120017063 | Hummel et al. | Jan 2012 | A1 |
| 20120036334 | Horman | Feb 2012 | A1 |
| 20120072658 | Hashimoto et al. | Mar 2012 | A1 |
| 20120084483 | Sanjive | Apr 2012 | A1 |
| 20120084484 | Post et al. | Apr 2012 | A1 |
| 20120102307 | Wong | Apr 2012 | A1 |
| 20120124252 | Kayama et al. | May 2012 | A1 |
| 20120203880 | Kluyt et al. | Aug 2012 | A1 |
| 20120224640 | Sole et al. | Sep 2012 | A1 |
| 20120229076 | Zhu et al. | Sep 2012 | A1 |
| 20120260017 | Mine | Oct 2012 | A1 |
| 20130039278 | Bouazizi et al. | Feb 2013 | A1 |
| 20130050216 | Whitby-Strevens et al. | Feb 2013 | A1 |
| 20130057567 | Frank et al. | Mar 2013 | A1 |
| 20130067188 | Mehra | Mar 2013 | A1 |
| 20130091772 | Berger et al. | Apr 2013 | A1 |
| 20130111014 | Lawrie et al. | May 2013 | A1 |
| 20130138840 | Kegel et al. | May 2013 | A1 |
| 20130162911 | Glen | Jun 2013 | A1 |
| 20130204927 | Kruglikov et al. | Aug 2013 | A1 |
| 20130205113 | Ahmad et al. | Aug 2013 | A1 |
| 20130275976 | Dawson et al. | Oct 2013 | A1 |
| 20130290947 | Li | Oct 2013 | A1 |
| 20130347131 | Mooring et al. | Dec 2013 | A1 |
| 20140033220 | Campbell et al. | Jan 2014 | A1 |
| 20140068624 | Fuller | Mar 2014 | A1 |
| 20140068636 | Dupont et al. | Mar 2014 | A1 |
| 20140122695 | Kulikov et al. | May 2014 | A1 |
| 20140122828 | Kagan et al. | May 2014 | A1 |
| 20140173236 | Kegel | Jun 2014 | A1 |
| 20140189057 | Sankoda et al. | Jul 2014 | A1 |
| 20140211894 | Yang et al. | Jul 2014 | A1 |
| 20140247983 | MacInnis et al. | Sep 2014 | A1 |
| 20140355606 | Riddoch | Dec 2014 | A1 |
| 20150007262 | Aissi et al. | Jan 2015 | A1 |
| 20150036051 | Broberg et al. | Feb 2015 | A1 |
| 20150058444 | Willmann | Feb 2015 | A1 |
| 20150081985 | Archer | Mar 2015 | A1 |
| 20150156122 | Singh et al. | Jun 2015 | A1 |
| 20150172345 | Mantin et al. | Jun 2015 | A1 |
| 20150189109 | Whitby-Strevens et al. | Jul 2015 | A1 |
| 20150205749 | Whitby-Strevens et al. | Jul 2015 | A1 |
| 20150212806 | Hsieh | Jul 2015 | A1 |
| 20150244804 | Warfield et al. | Aug 2015 | A1 |
| 20150261588 | Liu | Sep 2015 | A1 |
| 20150309940 | Kumar et al. | Oct 2015 | A1 |
| 20150326542 | Serebrin | Nov 2015 | A1 |
| 20150363110 | Batra | Dec 2015 | A1 |
| 20150370582 | Kinsella | Dec 2015 | A1 |
| 20150378737 | Debbage et al. | Dec 2015 | A1 |
| 20160028635 | Wang | Jan 2016 | A1 |
| 20160034195 | Li et al. | Feb 2016 | A1 |
| 20160041852 | Suarez et al. | Feb 2016 | A1 |
| 20160044143 | Narasimhamurthy | Feb 2016 | A1 |
| 20160063258 | Ackerly | Mar 2016 | A1 |
| 20160077989 | Pulyala et al. | Mar 2016 | A1 |
| 20160103480 | Sanghi et al. | Apr 2016 | A1 |
| 20160103689 | Sanghi et al. | Apr 2016 | A1 |
| 20160103743 | Sanghi et al. | Apr 2016 | A1 |
| 20160142988 | Powell et al. | May 2016 | A1 |
| 20160208539 | Hofmann et al. | Jul 2016 | A1 |
| 20160224442 | Sanghi et al. | Aug 2016 | A1 |
| 20160226957 | Zhang et al. | Aug 2016 | A1 |
| 20160226967 | Zhang et al. | Aug 2016 | A1 |
| 20160231929 | Tsirkin | Aug 2016 | A1 |
| 20160261632 | Kölhi et al. | Sep 2016 | A1 |
| 20160269991 | Van Greunen et al. | Sep 2016 | A1 |
| 20160357443 | Li et al. | Dec 2016 | A1 |
| 20160363955 | Stevens et al. | Dec 2016 | A1 |
| 20160364350 | Sanghi et al. | Dec 2016 | A1 |
| 20160378545 | Ho | Dec 2016 | A1 |
| 20170003977 | Sumida et al. | Jan 2017 | A1 |
| 20170003997 | Kelly et al. | Jan 2017 | A1 |
| 20170075856 | Suzue | Mar 2017 | A1 |
| 20170089641 | Humfeld et al. | Mar 2017 | A1 |
| 20170108912 | Li et al. | Apr 2017 | A1 |
| 20170111283 | Kumar et al. | Apr 2017 | A1 |
| 20170124327 | Kumbhar et al. | May 2017 | A1 |
| 20170126726 | Han | May 2017 | A1 |
| 20170147282 | Seo | May 2017 | A1 |
| 20170149890 | Shamis et al. | May 2017 | A1 |
| 20170187621 | Shalev | Jun 2017 | A1 |
| 20170187846 | Shalev et al. | Jun 2017 | A1 |
| 20170249098 | Petkov et al. | Aug 2017 | A1 |
| 20170264497 | Lim | Sep 2017 | A1 |
| 20170286300 | Doshi et al. | Oct 2017 | A1 |
| 20170286322 | Garg et al. | Oct 2017 | A1 |
| 20170286323 | Garg et al. | Oct 2017 | A1 |
| 20170308460 | Guthula et al. | Oct 2017 | A1 |
| 20170337588 | Chittilappilly | Nov 2017 | A1 |
| 20170353499 | Huang et al. | Dec 2017 | A1 |
| 20170371591 | Xia | Dec 2017 | A1 |
| 20180004690 | Kaminski | Jan 2018 | A1 |
| 20180070341 | Islam et al. | Mar 2018 | A1 |
| 20180081829 | Kaplan | Mar 2018 | A1 |
| 20180129261 | Garg et al. | May 2018 | A1 |
| 20180129269 | Garg et al. | May 2018 | A1 |
| 20180129270 | Garg et al. | May 2018 | A1 |
| 20180173643 | Yu et al. | Jun 2018 | A1 |
| 20180196648 | Henderson et al. | Jul 2018 | A1 |
| 20180219805 | MacNeil et al. | Aug 2018 | A1 |
| 20180219976 | Decenzo et al. | Aug 2018 | A1 |
| 20180239657 | Petrbok et al. | Aug 2018 | A1 |
| 20180248847 | Guri et al. | Aug 2018 | A1 |
| 20180253315 | Norton et al. | Sep 2018 | A1 |
| 20180285561 | Frank et al. | Oct 2018 | A1 |
| 20180295052 | St-Laurent | Oct 2018 | A1 |
| 20180329743 | Pope et al. | Nov 2018 | A1 |
| 20180343206 | White et al. | Nov 2018 | A1 |
| 20180357176 | Wang | Dec 2018 | A1 |
| 20190007850 | DenBoer et al. | Jan 2019 | A1 |
| 20190036893 | Jiang | Jan 2019 | A1 |
| 20190052659 | Weingarten et al. | Feb 2019 | A1 |
| 20190065301 | Tsirkin et al. | Feb 2019 | A1 |
| 20190097938 | Talla et al. | Mar 2019 | A1 |
| 20190102303 | Wang et al. | Apr 2019 | A1 |
| 20190102568 | Hausauer et al. | Apr 2019 | A1 |
| 20190109714 | Clark et al. | Apr 2019 | A1 |
| 20190140983 | Tu et al. | May 2019 | A1 |
| 20190141041 | Bhabbur et al. | May 2019 | A1 |
| 20190147066 | Ben Dayan et al. | May 2019 | A1 |
| 20190147069 | Ben Dayan et al. | May 2019 | A1 |
| 20190205533 | Diehl et al. | Jul 2019 | A1 |
| 20190213044 | Cui | Jul 2019 | A1 |
| 20190213166 | Petkov et al. | Jul 2019 | A1 |
| 20190253351 | Ihlar et al. | Aug 2019 | A1 |
| 20190286466 | Tsirkin et al. | Sep 2019 | A1 |
| 20190303205 | Masputra et al. | Oct 2019 | A1 |
| 20190303221 | Masputra et al. | Oct 2019 | A1 |
| 20190303222 | Masputra et al. | Oct 2019 | A1 |
| 20190303280 | Masputra et al. | Oct 2019 | A1 |
| 20190303562 | Masputra et al. | Oct 2019 | A1 |
| 20190303576 | Masputra et al. | Oct 2019 | A1 |
| 20190306076 | Masputra et al. | Oct 2019 | A1 |
| 20190306087 | Masputra et al. | Oct 2019 | A1 |
| 20190306109 | Masputra et al. | Oct 2019 | A1 |
| 20190306281 | Masputra et al. | Oct 2019 | A1 |
| 20190306282 | Masputra et al. | Oct 2019 | A1 |
| 20200019695 | Sovio et al. | Jan 2020 | A1 |
| 20200036615 | Lewis | Jan 2020 | A1 |
| 20200045015 | Nukala et al. | Feb 2020 | A1 |
| 20200065244 | Sanghi et al. | Feb 2020 | A1 |
| 20200073829 | Tsirkin et al. | Mar 2020 | A1 |
| 20200195684 | Linz | Jun 2020 | A1 |
| 20210011856 | Xia et al. | Jan 2021 | A1 |
| 20210097006 | Masputra et al. | Apr 2021 | A1 |
| 20210099391 | Masputra et al. | Apr 2021 | A1 |
| 20210099427 | Masputra et al. | Apr 2021 | A1 |
| 20220030095 | Masputra et al. | Jan 2022 | A1 |
| 20220046117 | Masputra et al. | Feb 2022 | A1 |
| Number | Date | Country |
|---|---|---|
| 3013008 | Apr 2016 | EP |
| H02306082 | Dec 1990 | JP |
| H03169996 | Jul 1991 | JP |
| 2004086792 | Mar 2004 | JP |
| 2012108677 | Jun 2012 | JP |
| 2013246642 | Dec 2013 | JP |
| 2015001867 | Jan 2015 | JP |
| WO-2008070138 | Jun 2008 | WO |
| Entry |
|---|
| Co-pending U.S. Appl. No. 15/865,638, filed Jan. 9, 2018. |
| ECN L1 PM Substates with CLKREQ approved Aug. 23, 2012. |
| Jackson, “PCI Express Technology”, Sep. 2012 (Sep. 2012), MindShare Press, XP002777351, pp. 49,86,87,712-723. |
| PCI Express base Specification Revision 3.0, published Nov. 10, 2010. |
| PCI Express Base Specification Revision 3.1, published Oct. 8, 2014. |
| Universal Serial Bus, Communication Class, Subclass Specifications for Network Control Model (NCM) Devices; Revision 1.0 (Errata 1), Nov. 24, 2010, published by USB Implementers Forum, Inc. |
| Moon-Sang Lee, Joonwon Lee and S. Maeng, “Context-aware address translation for high-performance SMP cluster system,” 2008u IEEE International Conference on Cluster Computing, Tsukuba, 2008, pp. 292-297, doi: 10.1109/CLUSTR.2008.4663784. (Year: 2008). |
| Honda et al, “Rekindling Network Protocol Innovation with User-Level Stacks”, ACM SIGCOMM Computer Communication Review, vol. 44, No. 2, Apr. 2014. |
| Gopalakrishnan R., et al., “Efficient User-Space Protocol Implementations with QoS Guarantees Using Real-Time Upcalls”, IEEE/ACM Transactions on Networking, Aug. 1998, vol. 6 (4), pp. 374-388. |
| Whitworth, “Improving Networking by moving the network stack to userspace”, Imperial College London, Jun. 14, 2010 [Mar. 17, 2022]; retrieved from the Internet: <URL https://www.doc.ic.ac.uk/teaching/distinguished-projects/2010/m.whitworth.pdf (Year: 2010). |
| Number | Date | Country | |
|---|---|---|---|
| 20190303204 A1 | Oct 2019 | US |
| Number | Date | Country | |
|---|---|---|---|
| 62649509 | Mar 2018 | US |
