[go: up one dir, main page]

CN120803987A - Zero-copy data transmission method, equipment, medium and product - Google Patents

Zero-copy data transmission method, equipment, medium and product

Info

Publication number
CN120803987A
CN120803987A CN202510934893.5A CN202510934893A CN120803987A CN 120803987 A CN120803987 A CN 120803987A CN 202510934893 A CN202510934893 A CN 202510934893A CN 120803987 A CN120803987 A CN 120803987A
Authority
CN
China
Prior art keywords
descriptor
kernel module
memory buffer
application
zero
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202510934893.5A
Other languages
Chinese (zh)
Inventor
孙鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jitai Aviation Technology Suzhou Co ltd
Original Assignee
Jitai Aviation Technology Suzhou Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jitai Aviation Technology Suzhou Co ltd filed Critical Jitai Aviation Technology Suzhou Co ltd
Priority to CN202510934893.5A priority Critical patent/CN120803987A/en
Publication of CN120803987A publication Critical patent/CN120803987A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/14Handling requests for interconnection or transfer
    • G06F13/20Handling requests for interconnection or transfer for access to input/output bus
    • G06F13/28Handling requests for interconnection or transfer for access to input/output bus using burst mode transfer, e.g. direct memory access DMA, cycle steal
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Storage Device Security (AREA)

Abstract

本发明公开了一种零拷贝数据传输方法、设备、介质及产品,属于数据传输技术领域,方法包括:应用程序向内核模块请求内存缓冲区;内核模块根据请求分配一个物理内存缓冲区,并返回特殊设计的描述符(含地址指针对应的句柄);应用程序向内核模块提交描述符并请求内存缓冲区的地址指针;内核模块验证描述符后,将物理内存缓冲区映射到应用程序的虚拟地址空间,并返相应的地址指针;应用程序根据地址指针写入需要发送的数据,写入完成后,向内核模块提交描述符并请求发送写入的数据;内核模块验证描述符后,配置并启动DMA控制器,直接从物理内存缓冲区读取写入的数据并推送到网卡进行发送。本发明能够在保证传输性能的同时,提高安全性和确定性。

The present invention discloses a zero-copy data transmission method, device, medium, and product, belonging to the field of data transmission technology. The method comprises: an application requests a memory buffer from a kernel module; the kernel module allocates a physical memory buffer according to the request and returns a specially designed descriptor (including a handle corresponding to an address pointer); the application submits the descriptor to the kernel module and requests the address pointer of the memory buffer; after the kernel module verifies the descriptor, it maps the physical memory buffer to the application's virtual address space and returns the corresponding address pointer; the application writes the data to be sent according to the address pointer, and after writing is complete, submits the descriptor to the kernel module and requests that the written data be sent; after the kernel module verifies the descriptor, it configures and starts a DMA controller, directly reads the written data from the physical memory buffer, and pushes it to the network card for transmission. The present invention can improve security and certainty while ensuring transmission performance.

Description

Zero-copy data transmission method, equipment, medium and product
Technical Field
The present invention relates to the field of data transmission technologies, and in particular, to a zero-copy data transmission method, apparatus, medium, and product.
Background
In the safety critical fields of avionics, unmanned, etc., on-board systems need to handle increasingly high throughput data streams (e.g., sensor data, high definition video, etc.), while having to meet stringent real-time and safety requirements. When the existing data transmission technology is used for coping with the challenges, the following three major problems mainly exist:
1. Performance and efficiency bottlenecks-in the process of data transceiving, a traditional network protocol stack (such as TCP/IP) needs to make multiple memory copies between a kernel space and a user space. Each copy consumes a significant amount of CPU cycles and memory bandwidth, which, in high concurrency and high throughput scenarios, becomes a serious bottleneck limiting overall system performance and may affect the execution of other critical tasks.
2. Security and isolation drawbacks to solve performance problems, the prior art discloses some (Zero-Copy) techniques, such as sharing the kernel and the user's memory by means of memory mapping (mmap). However, such schemes break the most basic memory isolation principle of the operating system at the expense of security, so that any defect (Bug) or malicious behavior of the user state application program may directly pollute the data of the kernel or other processes, and cause a systematic crash. This security risk is unacceptable for avionics systems requiring high reliability and functional security, and also results in such schemes failing to pass airworthiness certification (e.g., DO-178C).
3. The real-time certainty is lacking in that safety critical systems require that all operations must be completed in predictable time. In the traditional technical scheme, unpredictable time delay can be introduced into dynamic memory allocation (such as malloc), and when DMA is used for data transmission, unordered contention of a plurality of hardware devices on a memory bus can also cause uncertain transmission delay of key data, so that the requirements of hard real-time tasks cannot be met.
Disclosure of Invention
The invention aims to overcome the defects in the prior art, provides a zero-copy data transmission method, equipment, medium and product, and solves the technical problem that the current data transmission technology is difficult to meet the current use requirements in terms of transmission performance, transmission safety and transmission certainty.
In order to achieve the above purpose, the invention is realized by adopting the following technical scheme:
In a first aspect, the present invention provides a zero-copy data transmission method, including:
responding to the need of the application program to send data, calling a function in a user space library by the application program, and requesting a memory buffer area for sending the data to a kernel module;
the kernel module allocates a physical memory buffer area according to the request and returns a descriptor of the physical memory buffer area;
The application program calls the function in the user space library, submits the descriptor to the kernel module and requests the address pointer of the memory buffer for writing data;
The kernel module verifies the descriptor, maps the physical memory buffer area to a virtual address space of an application program after verification is passed, and returns an address pointer of the virtual address space;
the application program writes the data to be transmitted according to the address pointer, and after the writing is completed, the application program calls the function in the user space library, submits the descriptor to the kernel module and requests to transmit the written data;
the kernel module verifies the descriptor, and after verification is passed, the DMA controller is configured and started;
And the DMA controller bypasses the CPU to directly read the written data from the physical memory buffer area and pushes the data to the network card for transmission, so that the zero participation of the CPU and the zero copy of the memory are realized.
Optionally, in response to the user space library receiving the call function request, the call function request is converted into an underlying request for the kernel module, and the underlying request is sent to the kernel module through the ioctl interface.
Optionally, the kernel module allocates a physical memory buffer according to the request, and returns a descriptor of the physical memory buffer includes:
the kernel module matches a physical memory buffer zone with proper size from a memory pool based on a partner algorithm according to the request, searches an idle entry in a built-in descriptor table to generate a corresponding descriptor, wherein the entry contains necessary information of the physical memory buffer zone, and the descriptor returns to an application program through a user space library.
Optionally, the descriptor includes a handle ID, a usage count, and a check code;
the handle ID is an entry index of the descriptor;
When the descriptor is released by the application program, the usage count of the corresponding descriptor recorded in the descriptor table is increased by one, when the application program uses the descriptor again to access the kernel module, the usage count in the descriptor is matched with the usage count in the corresponding descriptor in the descriptor table, and if the matching fails, the kernel module refuses to access;
the check code is used for preventing the descriptor from being tampered with maliciously.
Optionally, after the network card is sent, the DMA controller generates a DMA interrupt to notify the kernel module that the sending is completed, the kernel module sets the entry corresponding to the corresponding descriptor in the descriptor table to be idle, and generates a status notification of successful sending, and returns to the application program through the user space library.
In a second aspect, the present invention provides an electronic device, including a processor and a storage medium;
the storage medium is used for storing instructions;
The processor is operative according to the instructions to perform steps according to the method described above.
In a third aspect, the present invention provides a computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of the above method.
In a fourth aspect, the invention provides a computer program product comprising computer programs/instructions which when executed by a processor implement the steps of the method described above.
Compared with the prior art, the invention has the beneficial effects that:
According to the zero-copy data transmission method, device, medium and product provided by the invention, a security firewall is established between an application program and a zero-copy buffer zone of a kernel space through a kernel module and a descriptor mechanism. The method not only realizes the zero-copy high-efficiency transmission of the data from the memory to the network card through the DMA, but also thoroughly avoids the safety isolation problem caused by direct memory mapping. It makes the very fast performance safe and usable.
By eliminating memory copies of kernel space and user space and letting the DMA controller take charge of core data handling work, CPU is liberated from these inefficient, repetitive efforts, significantly reducing CPU occupancy. The data path is greatly simplified, the end-to-end delay is effectively shortened, and the data processing throughput of the system is greatly improved.
And the static pre-allocated memory pool is adopted for buffer management, and allocation and recovery operations are completed within predictable time, so that uncertainty delay is avoided.
In summary, the invention can improve the safety and certainty while ensuring the transmission performance.
Drawings
FIG. 1 is a flow chart of a zero-copy data transmission method provided by an embodiment of the present invention;
fig. 2 is a timing diagram of a zero-copy data transmission method according to an embodiment of the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings. The following examples are only for more clearly illustrating the technical aspects of the present invention, and are not intended to limit the scope of the present invention.
Embodiment one:
as shown in fig. 1, the present invention provides a zero-copy data transmission method, which includes the following steps:
Step S1, responding to the need of an application program to send data, calling a function in a user space library by the application program, and requesting a memory buffer area for sending the data to a kernel module.
As shown in fig. 2, the application (App) needs to send data, and then calls the zc_alloc_buffer () function provided by the user space library (Lib) to obtain a block of memory buffer of a specified size.
And S2, the kernel module allocates a physical memory buffer area according to the request and returns the descriptor of the physical memory buffer area.
After receiving the call, the user space library converts it into an underlying request to the Kernel module (Kernel). The purpose of this underlying request is to have the kernel allocate a block of buffer for zero copies.
The kernel module matches a physical memory buffer zone with proper size from a memory pool based on a partner algorithm according to the request, searches an idle entry in a built-in descriptor table to generate a corresponding descriptor, wherein the entry contains necessary information of the physical memory buffer zone, and the descriptor returns to an application program through a user space library. The descriptor serves as the only "key" to the memory buffer obtained by the application operation.
In this embodiment, the descriptor includes a handle ID, a usage count, and a check code.
The handle ID is the entry index of the descriptor, and the handle ID is the core of the descriptor and is used as a direct index for accessing a large descriptor table in the core. Each entry of the descriptor table contains all necessary information such as pointers to the real physical memory buffers, buffer size, status (free/in use), owner process ID, etc. The direct index can avoid any searching or hash calculation, and after the kernel takes the ID, all information can be positioned only by one time of array access (table [ ID ]), so that the searching efficiency of O (1) is realized.
The use count is the number of times the descriptor is released by the application program, and is a key to achieving security and is used for preventing a 'dangling pointer' or a 'use-after-free' vulnerability. Working mechanism in the descriptor table of kernel, every entry has a correspondent "kernel use count value" besides buffer pointer. When a descriptor is created and returned to the user, it carries the current usage count value. When the application releases the descriptor (the application releases the descriptor at the moment that the data to be sent is sent completely, the application does not need to allocate a memory buffer area, and the application releases an address pointer at this time), the "kernel use count value" of the corresponding entry in the kernel is increased by 1. Verification that when an application accesses the kernel again using the descriptor (which may be expired, released), the kernel compares the usage count carried in the descriptor with the current usage count in the kernel table. If there is no match, access is immediately denied. This ensures that expired descriptors fail immediately.
The check code is used for preventing the descriptor from being tampered with maliciously. The check code may be the result of a handle ID and a simple exclusive or (XOR) or other fast check algorithm using counts. The kernel recalculates and compares the check code each time it is verified.
The descriptor may be set as an array of handle ID (32 bits), usage count (16 bits), check code (16 bits) according to actual needs.
And step S3, the application program calls a function in the user space library, submits the descriptor to the kernel module and requests an address pointer of a memory buffer area for writing data.
Applications, although having descriptors, have no direct access to memory. It needs to call the library function zc_get_pointer (desc_a) to get an available memory address pointer. The user space library initiates a request to the kernel, again through the underlying request, and submits a descriptor.
And S4, the kernel module verifies the descriptor, maps the physical memory buffer area to a virtual address space of the application program after verification is passed, and returns an address pointer of the virtual address space.
After the kernel module receives the request, it makes strict security check to verify whether the handle ID of the descriptor exists, whether the usage count matches the kernel record, and whether the check code is correct. After passing the verification, the kernel performs Just-in-Time (Just-in-Time) memory mapping. It temporarily maps this block of physical memory buffer into the virtual address space of the application program on demand, then returns the address pointer to the user space bank, via the user space bank to the application program.
And S5, the application program writes the data to be transmitted according to the address pointer, and after the writing is completed, the application program calls the function in the user space library, submits the descriptor to the kernel module and requests to transmit the written data.
After the application program obtains the address pointer, the application program can directly copy the data to be transmitted into the buffer area like operating the common memory. The process is performed completely in the user space, and is efficient and quick. After the data writing is completed, the application program calls the zc_send (desc_a) function, and notifies the kernel that the sending can be started.
And S6, the kernel module verifies the descriptor, and after the verification is passed, the DMA controller is configured and started.
The kernel module performs the last, same strict security verification. After the verification is passed, the kernel module configures and starts the DMA controller. It tells the DMA engine to "please transfer the data of the source address (physical address of buffer) to the destination address (send queue of network card)".
And S7, the DMA controller bypasses the CPU to directly read the written data from the physical memory buffer area and pushes the data to the network card for transmission, so that the zero participation of the CPU and the zero copy of the memory are realized.
After the network card is sent, the DMA controller generates a DMA interrupt to inform the kernel module of the completion of the sending, the kernel module sets the entry corresponding to the corresponding descriptor in the descriptor table to be idle, and simultaneously generates a successful sending state notification, and the state notification is returned to the application program through the user space library. So far, the complete zero copy sending flow is finished.
The kernel module mentioned in this embodiment is core logic that runs in the kernel space. And 1, managing the memory pool, namely realizing static pre-allocation of the memory pool based on a partner algorithm. 2. The descriptor table maintains, manages a huge descriptor array, handles allocation, release and usage count updates of descriptors. 3. The secure executor implements the "very fast kernel proxy interface" described below, validating each request from a user state (check code, usage count, process ID, etc.). 4. And after the verification is passed, the hardware interaction is responsible for configuring the DMA controller, interacting with the network card and initiating real data transmission.
The user space library is referred to in this embodiment in order to make it easy for the upper layer application developer to use, we package all the complexity in one library, provide multiple APIs,
For example, handle = zero copy init (): initialize library, establish a connection with the kernel module.
Desc=zc_alloc_buffer (size) applies for a buffer for transmitting data, returning a descriptor.
Void=zc_get_pointer (desc) (key step) obtains an available memory pointer from the descriptor.
Int ret=zc_commit_write (desc, length): notify the kernel that the data has been written.
Int ret=zc_send (desc): transmit data.
Desc=zc_ receive (timeout) -received data, return a descriptor containing the new data.
Void zc_free_buffer (desc) releases a descriptor and its corresponding buffer.
In this embodiment, in response to receiving a request for calling a function from the user space library, the request is converted into a bottom layer request for the kernel module, and the bottom layer request is sent to the kernel module through the ioctl interface. Standard system call (syscale) overhead is large. For performance, a dedicated, lightweight ioctl interface is designed, or a more modern asynchronous interface such as io_ uring is utilized on a supported system (e.g., linux). The ioctl interface can realize 1. Batch processing, the interface should support submitting a plurality of commands at a time (for example, apply for 3 buffers and send 5 buffers), so as to reduce the switching times of the user mode and the kernel mode. 2. The design of the interface ensures that the kernel only needs to access the data of the minimum set when processing, thereby avoiding unnecessary memory access and calculation and simplifying the whole processing flow.
The technical scheme of the patent has the following advantages:
1. Has both performance and efficiency
The performance advantages of the present invention are significant compared to conventional TCP/IP datapaths.
The CPU load is obviously reduced, namely, the CPU is liberated from heavy data handling work by eliminating data copying between a kernel space and a user space and utilizing DMA to carry out hardware autonomous transmission. In avionics, this means that valuable CPU resources can be used for more critical flight control, navigation computation, or sensor data fusion tasks.
The data delay is greatly reduced, the path of data from the application's buffer to the network card is greatly reduced and simplified. The information does not need to "travel long" among multiple memory areas, so that the end-to-end data transmission delay is significantly reduced, which is important for real-time applications (such as alarm information transmission and real-time video monitoring) requiring quick response.
And greatly improving the data throughput, namely greatly improving the data quantity (namely throughput) which can be transmitted in unit time because the whole data path becomes smoother due to delay reduction and elimination of CPU bottleneck. This has decisive significance for the application scenario of processing high bandwidth sensor data streams of radar, photoelectricity and the like.
2. Providing 'authenticatable' strong security and isolation
This is a central advantage of this patent. It solves the fatal defect of standard zero-copy technology (such as direct mmap) and makes it safely applicable to avionics field.
The invention does not directly expose the kernel memory to the application program, but takes the agent by a kernel module as a forced access control point. Any application's access to the shared buffer must pass the descriptor and go through the kernel module's rigorous scrutiny. The method radically eliminates the risks of out-of-range access of application programs and tampering with other applications or kernel data, and provides strong memory isolation.
The built-in security vulnerability protection is a security feature built in the architecture. The method can accurately identify and reject the application program from using the released outdated descriptors, and effectively immunize the high-risk memory security hole of 'reuse after use'.
The software airworthiness certification is explicitly supported, and since the security and isolation logic is mainly implemented by software (kernel agent module), the rules and behaviors are explicit, traceable, testable and verifiable. Such a software-defined security scheme is easier to formalize and code review than relying on complex hardware (e.g., IOMMU) configurations that may have "black box" behavior, thereby more easily meeting the requirements of the air software airworthiness standards of DO-178C, etc.
3. Ensuring high real-time performance and certainty
For avionics systems, and in particular flight critical systems, "predictable" is more important than "fast". The invention ensures the certainty of the system by design.
Predictable memory management, namely adopting a static pre-allocation memory pool based on a partner algorithm, and ensuring that the application and release of a memory buffer area are completed in a bounded time. This avoids unpredictable delays that may be incurred by standard dynamic memory allocation (e.g., malloc), ensuring the responsiveness of real-time tasks.
And controllable data transmission, namely, by setting priority or quality of service (QoS) strategies for DMA transmission of different data streams, the data streams with highest priority such as navigation, flight control and the like can always obtain bus resources preferentially, and the certainty of the data transmission is ensured not to be blocked by non-critical tasks (such as log records).
Embodiment two:
Based on the zero-copy data transmission method provided by the first embodiment, the embodiment of the invention provides electronic equipment, which comprises a processor and a storage medium;
the storage medium is used for storing instructions;
The processor is operative according to the instructions to perform steps according to the method described above.
Embodiment III:
Based on the zero-copy data transmission method provided in the first embodiment, an embodiment of the present invention provides a computer-readable storage medium having a computer program stored thereon, which when executed by a processor, implements the steps of the method described above.
Embodiment four:
Based on the zero-copy data transmission method provided in the first embodiment, an embodiment of the present invention provides a computer program product, including a computer program/instruction, which when executed by a processor, implements the steps of the method described above.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing is merely a preferred embodiment of the present invention, and it should be noted that modifications and variations could be made by those skilled in the art without departing from the technical principles of the present invention, and such modifications and variations should also be regarded as being within the scope of the invention.

Claims (8)

1.一种零拷贝数据传输方法,其特征在于,包括:1. A zero-copy data transmission method, comprising: 响应于应用程序需要发送数据,应用程序调用用户空间库中的函数,向内核模块请求一个用于发送数据的内存缓冲区;In response to the application needing to send data, the application calls a function in the user space library to request a memory buffer for sending data from the kernel module; 内核模块根据请求分配一个物理内存缓冲区,并返回所述物理内存缓冲区的描述符;所述描述符包括句柄ID、使用计数以及校验码;The kernel module allocates a physical memory buffer according to the request and returns a descriptor of the physical memory buffer; the descriptor includes a handle ID, a usage count and a check code; 应用程序调用用户空间库中的函数,向内核模块提交描述符并请求用于写入数据的内存缓冲区的地址指针;The application calls a function in the user space library, submits a descriptor to the kernel module and requests the address pointer of the memory buffer for writing data; 内核模块验证描述符,在验证通过后,将所述物理内存缓冲区映射到应用程序的虚拟地址空间,并返回所述虚拟地址空间的地址指针;The kernel module verifies the descriptor, and after passing the verification, maps the physical memory buffer to the virtual address space of the application and returns the address pointer of the virtual address space; 应用程序根据地址指针写入需要发送的数据,在写入完成后,调用用户空间库中的函数,向内核模块提交描述符并请求发送写入的数据;The application writes the data to be sent according to the address pointer. After writing is completed, it calls the function in the user space library, submits the descriptor to the kernel module and requests to send the written data; 内核模块验证描述符,在验证通过后,配置并启动DMA控制器;The kernel module verifies the descriptor and, if verified, configures and starts the DMA controller. DMA控制器绕过CPU直接从所述物理内存缓冲区读取写入的数据并推送到网卡进行发送,实现CPU零参与和内存零拷贝的数据传输。The DMA controller bypasses the CPU to directly read the written data from the physical memory buffer and pushes it to the network card for transmission, thereby realizing data transmission with zero CPU involvement and zero memory copy. 2.根据权利要求1所述的零拷贝数据传输方法,其特征在于,响应于用户空间库接收到调用函数请求,将其转换为对内核模块的底层请求,通过ioctl接口发送至内核模块。2. The zero-copy data transmission method according to claim 1 is characterized in that, in response to the user space library receiving the function call request, it converts it into a bottom-level request to the kernel module and sends it to the kernel module through the ioctl interface. 3.根据权利要求1所述的零拷贝数据传输方法,其特征在于,所述内核模块根据请求分配一个物理内存缓冲区,并返回所述物理内存缓冲区的描述符包括:3. The zero-copy data transmission method according to claim 1 , wherein the kernel module allocates a physical memory buffer according to the request, and returns a descriptor of the physical memory buffer, comprising: 内核模块根据请求从基于伙伴算法的内存池中匹配一个大小合适的物理内存缓冲区,并在内置的描述符表中查找一个空闲条目生成相应的描述符;所述条目中包含物理内存缓冲区的必要信息,所述描述符经用户空间库返回应用程序。The kernel module matches a physical memory buffer of appropriate size from a memory pool based on a buddy algorithm according to the request, and searches for a free entry in a built-in descriptor table to generate a corresponding descriptor; the entry contains the necessary information of the physical memory buffer, and the descriptor is returned to the application via the user space library. 4.根据权利要求1所述的零拷贝数据传输方法,其特征在于,4. The zero-copy data transmission method according to claim 1, wherein: 所述句柄ID为描述符的条目索引;The handle ID is the entry index of the descriptor; 所述使用计数为描述符被应用程序释放的次数;当描述符被应用程序释放时,记录在描述符表中对应的描述符的使用计数加一,当应用程序再次使用所述描述符访问内核模块时,将所述描述符中的使用计数和描述符表中对应描述符中的使用计数进行匹配,若匹配失败,则内核模块拒绝访问;The usage count is the number of times the descriptor is released by the application; when the descriptor is released by the application, the usage count of the corresponding descriptor recorded in the descriptor table is increased by one, and when the application uses the descriptor to access the kernel module again, the usage count in the descriptor is matched with the usage count in the corresponding descriptor in the descriptor table. If the match fails, the kernel module denies access; 所述校验码用于防止描述符被恶意篡改。The check code is used to prevent the descriptor from being maliciously tampered with. 5.根据权利要求1所述的零拷贝数据传输方法,其特征在于,响应于网卡发送完成后,DMA控制器生成一个DMA中断通知内核模块发送完成,内核模块将描述符表中相应描述符对应的条目设置为空闲,同时生成发送成功的状态通知,经用户空间库返回应用程序。5. The zero-copy data transmission method according to claim 1 is characterized in that, in response to the completion of the transmission by the network card, the DMA controller generates a DMA interrupt to notify the kernel module of the completion of the transmission. The kernel module sets the entry corresponding to the corresponding descriptor in the descriptor table to idle and generates a status notification of successful transmission at the same time, which is returned to the application via the user space library. 6.一种电子设备,其特征在于,包括处理器及存储介质;6. An electronic device comprising a processor and a storage medium; 所述存储介质用于存储指令;The storage medium is used to store instructions; 所述处理器用于根据所述指令进行操作以执行根据权利要求1-5任一项所述方法的步骤。The processor is configured to operate according to the instructions to execute the steps of the method according to any one of claims 1 to 5. 7.一种计算机可读存储介质,其上存储有计算机程序,其特征在于,该程序被处理器执行时实现权利要求1-5任一项所述方法的步骤。7. A computer-readable storage medium having a computer program stored thereon, wherein when the program is executed by a processor, the steps of the method according to any one of claims 1 to 5 are implemented. 8.一种计算机程序产品,包括计算机程序/指令,其特征在于,该计算机程序/指令被处理器执行时实现权利要求1-5中任一项所述方法的步骤。8. A computer program product, comprising a computer program/instruction, wherein the computer program/instruction implements the steps of the method according to any one of claims 1 to 5 when executed by a processor.
CN202510934893.5A 2025-07-08 2025-07-08 Zero-copy data transmission method, equipment, medium and product Pending CN120803987A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202510934893.5A CN120803987A (en) 2025-07-08 2025-07-08 Zero-copy data transmission method, equipment, medium and product

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202510934893.5A CN120803987A (en) 2025-07-08 2025-07-08 Zero-copy data transmission method, equipment, medium and product

Publications (1)

Publication Number Publication Date
CN120803987A true CN120803987A (en) 2025-10-17

Family

ID=97313073

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202510934893.5A Pending CN120803987A (en) 2025-07-08 2025-07-08 Zero-copy data transmission method, equipment, medium and product

Country Status (1)

Country Link
CN (1) CN120803987A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN121070628A (en) * 2025-11-06 2025-12-05 南京国电南自电网自动化有限公司 Power digital recording high-speed sampling data processing method and system based on Ethernet

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN121070628A (en) * 2025-11-06 2025-12-05 南京国电南自电网自动化有限公司 Power digital recording high-speed sampling data processing method and system based on Ethernet

Similar Documents

Publication Publication Date Title
US10924483B2 (en) Packet validation in virtual network interface architecture
CN100458757C (en) Inter core communication method and apparatus for multi-core processor in embedded real-time operating system
US7200695B2 (en) Method, system, and program for processing packets utilizing descriptors
US7103744B2 (en) Binding a memory window to a queue pair
US7895260B2 (en) Processing data access requests among a plurality of compute nodes
US20020124108A1 (en) Secure multiprotocol interface
EP4322003A1 (en) Data transmission method, data processing method, and related product
US20070041383A1 (en) Third party node initiated remote direct memory access
US20040252709A1 (en) System having a plurality of threads being allocatable to a send or receive queue
US9769175B2 (en) Accessing privileged objects in a server environment
CN103946827A (en) System and method for enforcing locks shared between kernel and user space
CN114064302B (en) Inter-process communication method and device
CN119885247B (en) Data query method, system, device, medium and program product
US20100186024A1 (en) System and Method of Invoking Multiple Remote Operations
US9069592B2 (en) Generic transport layer mechanism for firmware communication
US20050165938A1 (en) Method, system, and program for managing shared resources
CN119166570B (en) A multi-channel DMA data processing method and electronic device
US6986017B2 (en) Buffer pre-registration
CN120803987A (en) Zero-copy data transmission method, equipment, medium and product
CN114338515A (en) Data transmission method, device, equipment and storage medium
CN119071310B (en) Cloud storage processing methods, devices, storage media and systems
CN115114042A (en) Storage data access method and device, electronic equipment and storage medium
CN116107697B (en) Method and system for communication between different operating systems
KR20050080704A (en) Apparatus and method of inter processor communication
CN110347517B (en) Dual-system communication method and computer-readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination