| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 4 Jul 2021 05:54:29 -0400
From: "Michael S. Tsirkin" <mst@...hat.com>
To: Arseny Krasnov <arseny.krasnov@...persky.com>
Cc: Stefan Hajnoczi <stefanha@...hat.com>,
Stefano Garzarella <sgarzare@...hat.com>,
Jason Wang <jasowang@...hat.com>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Andra Paraschiv <andraprs@...zon.com>,
Norbert Slusarek <nslusarek@....net>,
Colin Ian King <colin.king@...onical.com>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
"virtualization@...ts.linux-foundation.org"
<virtualization@...ts.linux-foundation.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"oxffffaa@...il.com" <oxffffaa@...il.com>
Subject: Re: [RFC PATCH v2 0/6] Improve SOCK_SEQPACKET receive logic
On Sun, Jul 04, 2021 at 12:23:03PM +0300, Arseny Krasnov wrote:
>
> On 04.07.2021 11:30, Michael S. Tsirkin wrote:
> > On Sun, Jul 04, 2021 at 11:08:13AM +0300, Arseny Krasnov wrote:
> >> This patchset modifies receive logic for SOCK_SEQPACKET.
> >> Difference between current implementation and this version is that
> >> now reader is woken up when there is at least one RW packet in rx
> >> queue of socket and data is copied to user's buffer, while merged
> >> approach wake up user only when whole message is received and kept
> >> in queue. New implementation has several advantages:
> >> 1) There is no limit for message length. Merged approach requires
> >> that length must be smaller than 'peer_buf_alloc', otherwise
> >> transmission will stuck.
> >> 2) There is no need to keep whole message in queue, thus no
> >> 'kmalloc()' memory will be wasted until EOR is received.
> >>
> >> Also new approach has some feature: as fragments of message
> >> are copied until EOR is received, it is possible that part of
> >> message will be already in user's buffer, while rest of message
> >> still not received. And if user will be interrupted by signal or
> >> timeout with part of message in buffer, it will exit receive loop,
> >> leaving rest of message in queue. To solve this problem special
> >> callback was added to transport: it is called when user was forced
> >> to leave exit loop and tells transport to drop any packet until
> >> EOR met.
> > Sorry about commenting late in the game. I'm a bit lost
> >
> >
> > SOCK_SEQPACKET
> > Provides sequenced, reliable, bidirectional, connection-mode transmission paths for records. A record can be sent using one or more output operations and received using one or more input operations, but a single operation never transfers part of more than one record. Record boundaries are visible to the receiver via the MSG_EOR flag.
> >
> > it's supposed to be reliable - how is it legal to drop packets?
>
> Sorry, seems i need to rephrase description. "Packet" here means fragment of record(message) at transport
>
> layer. As this is SEQPACKET mode, receiver could get only whole message or error, so if only several fragments
>
> of message was copied (if signal received for example) we can't return it to user - it breaks SEQPACKET sense. I think,
>
> in this case we can drop rest of record's fragments legally.
>
>
> Thank You
Would not that violate the reliable property? IIUC it's only ok to
return an error if socket gets closed. Just like e.g. TCP ...
> >
> >
> >> When EOR is found, this mode is disabled and normal packet
> >> processing started. Note, that when 'drop until EOR' mode is on,
> >> incoming packets still inserted in queue, reader will be woken up,
> >> tries to copy data, but nothing will be copied until EOR found.
> >> It was possible to drain such unneeded packets it rx work without
> >> kicking user, but implemented way is simplest. Anyway, i think
> >> such cases are rare.
> >
> >> New test also added - it tries to copy to invalid user's
> >> buffer.
> >>
> >> Arseny Krasnov (16):
> >> af_vsock/virtio/vsock: change seqpacket receive logic
> >> af_vsock/virtio/vsock: remove 'seqpacket_has_data' callback
> >> virtio/vsock: remove 'msg_count' based logic
> >> af_vsock/virtio/vsock: add 'seqpacket_drop()' callback
> >> virtio/vsock: remove record size limit for SEQPACKET
> >> vsock_test: SEQPACKET read to broken buffer
> >>
> >> drivers/vhost/vsock.c | 2 +-
> >> include/linux/virtio_vsock.h | 7 +-
> >> include/net/af_vsock.h | 4 +-
> >> net/vmw_vsock/af_vsock.c | 44 ++++----
> >> net/vmw_vsock/virtio_transport.c | 2 +-
> >> net/vmw_vsock/virtio_transport_common.c | 103 ++++++++-----------
> >> net/vmw_vsock/vsock_loopback.c | 2 +-
> >> tools/testing/vsock/vsock_test.c | 120 ++++++++++++++++++++++
> >> 8 files changed, 193 insertions(+), 91 deletions(-)
> >>
> >> v1 -> v2:
> >> Patches reordered and reorganized.
> >>
> >> Signed-off-by: Arseny Krasnov <arseny.krasnov@...persky.com>
> >> ---
> >> cv.txt | 0
> >> 1 file changed, 0 insertions(+), 0 deletions(-)
> >> create mode 100644 cv.txt
> >>
> >> diff --git a/cv.txt b/cv.txt
> >> new file mode 100644
> >> index 000000000000..e69de29bb2d1
> >> --
> >> 2.25.1
> >
Powered by blists - more mailing lists