lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 12 Jan 2023 21:03:55 -0700
From:   David Ahern <dsahern@...nel.org>
To:     Jon Maxwell <jmaxwell37@...il.com>, davem@...emloft.net
Cc:     edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com,
        yoshfuji@...ux-ipv6.org, martin.lau@...nel.org,
        joel@...lfernandes.org, paulmck@...nel.org, eyal.birger@...il.com,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        Andrea Mayer <andrea.mayer@...roma2.it>
Subject: Re: [net-next v2] ipv6: remove max_size check inline with ipv4

On 1/11/23 6:25 PM, Jon Maxwell wrote:
> v2: Correct syntax error in net/ipv6/route.c
> 
> In ip6_dst_gc() replace: 
> 
> if (entries > gc_thresh)
> 
> With:
> 
> if (entries > ops->gc_thresh)
> 
> Sending Ipv6 packets in a loop via a raw socket triggers an issue where a 
> route is cloned by ip6_rt_cache_alloc() for each packet sent. This quickly 
> consumes the Ipv6 max_size threshold which defaults to 4096 resulting in 
> these warnings:
> 
> [1]   99.187805] dst_alloc: 7728 callbacks suppressed
> [2] Route cache is full: consider increasing sysctl net.ipv6.route.max_size.
> .
> .
> [300] Route cache is full: consider increasing sysctl net.ipv6.route.max_size.
> 
> When this happens the packet is dropped and sendto() gets a network is 
> unreachable error:
> 
> # ./a.out -s 
> 
> remaining pkt 200557 errno 101
> remaining pkt 196462 errno 101
> .
> .
> remaining pkt 126821 errno 101
> 
> Implement David Aherns suggestion to remove max_size check seeing that Ipv6 
> has a GC to manage memory usage. Ipv4 already does not check max_size.
> 
> Here are some memory comparisons for Ipv4 vs Ipv6 with the patch:
> 
> Test by running 5 instances of a program that sends UDP packets to a raw 
> socket 5000000 times. Compare Ipv4 and Ipv6 performance with a similar 
> program.
> 
> Ipv4: 
> 
> Before test:
> 
> # grep -e Slab -e Free /proc/meminfo
> MemFree:        29427108 kB
> Slab:             237612 kB
> 
> # grep dst_cache /proc/slabinfo
> ip6_dst_cache       1912   2528    256   32    2 : tunables    0    0    0 
> xfrm_dst_cache         0      0    320   25    2 : tunables    0    0    0 
> ip_dst_cache        2881   3990    192   42    2 : tunables    0    0    0 
> 
> During test:
> 
> # grep -e Slab -e Free /proc/meminfo
> MemFree:        29417608 kB
> Slab:             247712 kB
> 
> # grep dst_cache /proc/slabinfo
> ip6_dst_cache       1912   2528    256   32    2 : tunables    0    0    0 
> xfrm_dst_cache         0      0    320   25    2 : tunables    0    0    0 
> ip_dst_cache       44394  44394    192   42    2 : tunables    0    0    0 
> 
> After test:
> 
> # grep -e Slab -e Free /proc/meminfo
> MemFree:        29422308 kB
> Slab:             238104 kB
> 
> # grep dst_cache /proc/slabinfo
> ip6_dst_cache       1912   2528    256   32    2 : tunables    0    0    0 
> xfrm_dst_cache         0      0    320   25    2 : tunables    0    0    0 
> ip_dst_cache        3048   4116    192   42    2 : tunables    0    0    0 
> 
> Ipv6 with patch:
> 
> Errno 101 errors are not observed anymore with the patch.
> 
> Before test:
> 
> # grep -e Slab -e Free /proc/meminfo
> MemFree:        29422308 kB
> Slab:             238104 kB
> 
> # grep dst_cache /proc/slabinfo
> ip6_dst_cache       1912   2528    256   32    2 : tunables    0    0    0 
> xfrm_dst_cache         0      0    320   25    2 : tunables    0    0    0 
> ip_dst_cache        3048   4116    192   42    2 : tunables    0    0    0 
> 
> During Test:
> 
> # grep -e Slab -e Free /proc/meminfo
> MemFree:        29431516 kB
> Slab:             240940 kB
> 
> # grep dst_cache /proc/slabinfo
> ip6_dst_cache      11980  12064    256   32    2 : tunables    0    0    0
> xfrm_dst_cache         0      0    320   25    2 : tunables    0    0    0
> ip_dst_cache        3048   4116    192   42    2 : tunables    0    0    0
> 
> After Test:
> 
> # grep -e Slab -e Free /proc/meminfo
> MemFree:        29441816 kB
> Slab:             238132 kB
> 
> # grep dst_cache /proc/slabinfo
> ip6_dst_cache       1902   2432    256   32    2 : tunables    0    0    0
> xfrm_dst_cache         0      0    320   25    2 : tunables    0    0    0
> ip_dst_cache        3048   4116    192   42    2 : tunables    0    0    0
> 
> Tested-by: Andrea Mayer <andrea.mayer@...roma2.it>
> Signed-off-by: Jon Maxwell <jmaxwell37@...il.com>
> ---
>  include/net/dst_ops.h |  2 +-
>  net/core/dst.c        |  8 ++------
>  net/ipv6/route.c      | 13 +++++--------
>  3 files changed, 8 insertions(+), 15 deletions(-)
> 

Thanks for the data in the commit message.

Reviewed-by: David Ahern <dsahern@...nel.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ