lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3d1d76c9-2fdb-3dfe-222a-b2184cf17708@sberdevices.ru>
Date:   Tue, 25 Jul 2023 12:16:11 +0300
From:   Arseniy Krasnov <avkrasnov@...rdevices.ru>
To:     Stefano Garzarella <sgarzare@...hat.com>
CC:     Stefan Hajnoczi <stefanha@...hat.com>,
        "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>,
        "Michael S. Tsirkin" <mst@...hat.com>,
        Jason Wang <jasowang@...hat.com>,
        Bobby Eshleman <bobby.eshleman@...edance.com>,
        <kvm@...r.kernel.org>, <virtualization@...ts.linux-foundation.org>,
        <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        <kernel@...rdevices.ru>, <oxffffaa@...il.com>
Subject: Re: [PATCH net-next v3 4/4] vsock/virtio: MSG_ZEROCOPY flag support



On 25.07.2023 11:46, Arseniy Krasnov wrote:
> 
> 
> On 25.07.2023 11:43, Stefano Garzarella wrote:
>> On Fri, Jul 21, 2023 at 08:09:03AM +0300, Arseniy Krasnov wrote:
>>>
>>>
>>> On 21.07.2023 00:42, Arseniy Krasnov wrote:
>>>> This adds handling of MSG_ZEROCOPY flag on transmission path: if this
>>>> flag is set and zerocopy transmission is possible (enabled in socket
>>>> options and transport allows zerocopy), then non-linear skb will be
>>>> created and filled with the pages of user's buffer. Pages of user's
>>>> buffer are locked in memory by 'get_user_pages()'. Second thing that
>>>> this patch does is replace type of skb owning: instead of calling
>>>> 'skb_set_owner_sk_safe()' it calls 'skb_set_owner_w()'. Reason of this
>>>> change is that '__zerocopy_sg_from_iter()' increments 'sk_wmem_alloc'
>>>> of socket, so to decrease this field correctly proper skb destructor is
>>>> needed: 'sock_wfree()'. This destructor is set by 'skb_set_owner_w()'.
>>>>
>>>> Signed-off-by: Arseniy Krasnov <AVKrasnov@...rdevices.ru>
>>>> ---
>>>>  Changelog:
>>>>  v5(big patchset) -> v1:
>>>>   * Refactorings of 'if' conditions.
>>>>   * Remove extra blank line.
>>>>   * Remove 'frag_off' field unneeded init.
>>>>   * Add function 'virtio_transport_fill_skb()' which fills both linear
>>>>     and non-linear skb with provided data.
>>>>  v1 -> v2:
>>>>   * Use original order of last four arguments in 'virtio_transport_alloc_skb()'.
>>>>  v2 -> v3:
>>>>   * Add new transport callback: 'msgzerocopy_check_iov'. It checks that
>>>>     provided 'iov_iter' with data could be sent in a zerocopy mode.
>>>>     If this callback is not set in transport - transport allows to send
>>>>     any 'iov_iter' in zerocopy mode. Otherwise - if callback returns 'true'
>>>>     then zerocopy is allowed. Reason of this callback is that in case of
>>>>     G2H transmission we insert whole skb to the tx virtio queue and such
>>>>     skb must fit to the size of the virtio queue to be sent in a single
>>>>     iteration (may be tx logic in 'virtio_transport.c' could be reworked
>>>>     as in vhost to support partial send of current skb). This callback
>>>>     will be enabled only for G2H path. For details pls see comment
>>>>     'Check that tx queue...' below.
>>>>
>>>>  include/net/af_vsock.h                  |   3 +
>>>>  net/vmw_vsock/virtio_transport.c        |  39 ++++
>>>>  net/vmw_vsock/virtio_transport_common.c | 257 ++++++++++++++++++------
>>>>  3 files changed, 241 insertions(+), 58 deletions(-)
>>>>
>>>> diff --git a/include/net/af_vsock.h b/include/net/af_vsock.h
>>>> index 0e7504a42925..a6b346eeeb8e 100644
>>>> --- a/include/net/af_vsock.h
>>>> +++ b/include/net/af_vsock.h
>>>> @@ -177,6 +177,9 @@ struct vsock_transport {
>>>>
>>>>      /* Read a single skb */
>>>>      int (*read_skb)(struct vsock_sock *, skb_read_actor_t);
>>>> +
>>>> +    /* Zero-copy. */
>>>> +    bool (*msgzerocopy_check_iov)(const struct iov_iter *);
>>>>  };
>>>>
>>>>  /**** CORE ****/
>>>> diff --git a/net/vmw_vsock/virtio_transport.c b/net/vmw_vsock/virtio_transport.c
>>>> index 7bbcc8093e51..23cb8ed638c4 100644
>>>> --- a/net/vmw_vsock/virtio_transport.c
>>>> +++ b/net/vmw_vsock/virtio_transport.c
>>>> @@ -442,6 +442,43 @@ static void virtio_vsock_rx_done(struct virtqueue *vq)
>>>>      queue_work(virtio_vsock_workqueue, &vsock->rx_work);
>>>>  }
>>>>
>>>> +static bool virtio_transport_msgzerocopy_check_iov(const struct iov_iter *iov)
>>>> +{
>>>> +    struct virtio_vsock *vsock;
>>>> +    bool res = false;
>>>> +
>>>> +    rcu_read_lock();
>>>> +
>>>> +    vsock = rcu_dereference(the_virtio_vsock);
>>>> +    if (vsock) {
>>>> +        struct virtqueue *vq;
>>>> +        int iov_pages;
>>>> +
>>>> +        vq = vsock->vqs[VSOCK_VQ_TX];
>>>> +
>>>> +        iov_pages = round_up(iov->count, PAGE_SIZE) / PAGE_SIZE;
>>>> +
>>>> +        /* Check that tx queue is large enough to keep whole
>>>> +         * data to send. This is needed, because when there is
>>>> +         * not enough free space in the queue, current skb to
>>>> +         * send will be reinserted to the head of tx list of
>>>> +         * the socket to retry transmission later, so if skb
>>>> +         * is bigger than whole queue, it will be reinserted
>>>> +         * again and again, thus blocking other skbs to be sent.
>>>> +         * Each page of the user provided buffer will be added
>>>> +         * as a single buffer to the tx virtqueue, so compare
>>>> +         * number of pages against maximum capacity of the queue.
>>>> +         * +1 means buffer for the packet header.
>>>> +         */
>>>> +        if (iov_pages + 1 <= vq->num_max)
>>>
>>> I think this check is actual only for case one we don't have indirect buffer feature.
>>> With indirect mode whole data to send will be packed into one indirect buffer.
>>
>> I think so.
>> So, should we check also that here?
>>
>>>
>>> Thanks, Arseniy
>>>
>>>> +            res = true;
>>>> +    }
>>>> +
>>>> +    rcu_read_unlock();
>>>> +
>>>> +    return res;
>>>> +}
>>>> +
>>>>  static bool virtio_transport_seqpacket_allow(u32 remote_cid);
>>>>
>>>>  static struct virtio_transport virtio_transport = {
>>>> @@ -475,6 +512,8 @@ static struct virtio_transport virtio_transport = {
>>>>          .seqpacket_allow          = virtio_transport_seqpacket_allow,
>>>>          .seqpacket_has_data       = virtio_transport_seqpacket_has_data,
>>>>
>>>> +        .msgzerocopy_check_iov      = virtio_transport_msgzerocopy_check_iov,
>>>> +
>>>>          .notify_poll_in           = virtio_transport_notify_poll_in,
>>>>          .notify_poll_out          = virtio_transport_notify_poll_out,
>>>>          .notify_recv_init         = virtio_transport_notify_recv_init,
>>>> diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio_transport_common.c
>>>> index 26a4d10da205..e4e3d541aff4 100644
>>>> --- a/net/vmw_vsock/virtio_transport_common.c
>>>> +++ b/net/vmw_vsock/virtio_transport_common.c
>>>> @@ -37,73 +37,122 @@ virtio_transport_get_ops(struct vsock_sock *vsk)
>>>>      return container_of(t, struct virtio_transport, transport);
>>>>  }
>>>>
>>>> -/* Returns a new packet on success, otherwise returns NULL.
>>>> - *
>>>> - * If NULL is returned, errp is set to a negative errno.
>>>> - */
>>>> -static struct sk_buff *
>>>> -virtio_transport_alloc_skb(struct virtio_vsock_pkt_info *info,
>>>> -               size_t len,
>>>> -               u32 src_cid,
>>>> -               u32 src_port,
>>>> -               u32 dst_cid,
>>>> -               u32 dst_port)
>>>> -{
>>>> -    const size_t skb_len = VIRTIO_VSOCK_SKB_HEADROOM + len;
>>>> -    struct virtio_vsock_hdr *hdr;
>>>> -    struct sk_buff *skb;
>>>> -    void *payload;
>>>> -    int err;
>>>> +static bool virtio_transport_can_zcopy(struct virtio_vsock_pkt_info *info,
>>>> +                       size_t max_to_send)
>>>> +{
>>>> +    const struct vsock_transport *t;
>>>> +    struct iov_iter *iov_iter;
>>>>
>>>> -    skb = virtio_vsock_alloc_skb(skb_len, GFP_KERNEL);
>>>> -    if (!skb)
>>>> -        return NULL;
>>>> +    if (!info->msg)
>>>> +        return false;
>>>>
>>>> -    hdr = virtio_vsock_hdr(skb);
>>>> -    hdr->type    = cpu_to_le16(info->type);
>>>> -    hdr->op        = cpu_to_le16(info->op);
>>>> -    hdr->src_cid    = cpu_to_le64(src_cid);
>>>> -    hdr->dst_cid    = cpu_to_le64(dst_cid);
>>>> -    hdr->src_port    = cpu_to_le32(src_port);
>>>> -    hdr->dst_port    = cpu_to_le32(dst_port);
>>>> -    hdr->flags    = cpu_to_le32(info->flags);
>>>> -    hdr->len    = cpu_to_le32(len);
>>>> +    iov_iter = &info->msg->msg_iter;
>>>>
>>>> -    if (info->msg && len > 0) {
>>>> -        payload = skb_put(skb, len);
>>>> -        err = memcpy_from_msg(payload, info->msg, len);
>>>> -        if (err)
>>>> -            goto out;
>>>> +    t = vsock_core_get_transport(info->vsk);
>>>>
>>>> -        if (msg_data_left(info->msg) == 0 &&
>>>> -            info->type == VIRTIO_VSOCK_TYPE_SEQPACKET) {
>>>> -            hdr->flags |= cpu_to_le32(VIRTIO_VSOCK_SEQ_EOM);
>>>> +    if (t->msgzerocopy_check_iov &&
>>>> +        !t->msgzerocopy_check_iov(iov_iter))
>>>> +        return false;
>>
>> I'd avoid adding a new transport callback used only internally in virtio
>> transports.
> 
> Ok, I see.
> 
>>
>> Usually the transport callbacks are used in af_vsock.c, if we need a
>> callback just for virtio transports, maybe better to add it in struct
>> virtio_vsock_pkt_info or struct virtio_vsock_sock.

Hm, may be I just need to move this callback from 'struct vsock_transport' to parent 'struct virtio_transport',
after 'send_pkt' callback. In this case:
1) AF_VSOCK part is not touched.
2) This callback stays in 'virtio_transport.c' and is set also in this file.
   vhost and loopback are unchanged - only 'send_pkt' still enabled in both
   files for these two transports.

Thanks, Arseniy

>>
>> Maybe better the last one so we don't have to allocate pointer space
>> for each packet and you should reach it via info.
> 
> Ok, thanks, I'll try this way
> 
> Thanks, Arseniy
> 
>>
>> Thanks,
>> Stefano
>>
>>>>
>>>> -            if (info->msg->msg_flags & MSG_EOR)
>>>> -                hdr->flags |= cpu_to_le32(VIRTIO_VSOCK_SEQ_EOR);
>>>> -        }
>>>> +    /* Data is simple buffer. */
>>>> +    if (iter_is_ubuf(iov_iter))
>>>> +        return true;
>>>> +
>>>> +    if (!iter_is_iovec(iov_iter))
>>>> +        return false;
>>>> +
>>>> +    if (iov_iter->iov_offset)
>>>> +        return false;
>>>> +
>>>> +    /* We can't send whole iov. */
>>>> +    if (iov_iter->count > max_to_send)
>>>> +        return false;
>>>> +
>>>> +    return true;
>>>> +}
>>>> +
>>>> +static int virtio_transport_init_zcopy_skb(struct vsock_sock *vsk,
>>>> +                       struct sk_buff *skb,
>>>> +                       struct msghdr *msg,
>>>> +                       bool zerocopy)
>>>> +{
>>>> +    struct ubuf_info *uarg;
>>>> +
>>>> +    if (msg->msg_ubuf) {
>>>> +        uarg = msg->msg_ubuf;
>>>> +        net_zcopy_get(uarg);
>>>> +    } else {
>>>> +        struct iov_iter *iter = &msg->msg_iter;
>>>> +        struct ubuf_info_msgzc *uarg_zc;
>>>> +        int len;
>>>> +
>>>> +        /* Only ITER_IOVEC or ITER_UBUF are allowed and
>>>> +         * checked before.
>>>> +         */
>>>> +        if (iter_is_iovec(iter))
>>>> +            len = iov_length(iter->__iov, iter->nr_segs);
>>>> +        else
>>>> +            len = iter->count;
>>>> +
>>>> +        uarg = msg_zerocopy_realloc(sk_vsock(vsk),
>>>> +                        len,
>>>> +                        NULL);
>>>> +        if (!uarg)
>>>> +            return -1;
>>>> +
>>>> +        uarg_zc = uarg_to_msgzc(uarg);
>>>> +        uarg_zc->zerocopy = zerocopy ? 1 : 0;
>>>>      }
>>>>
>>>> -    if (info->reply)
>>>> -        virtio_vsock_skb_set_reply(skb);
>>>> +    skb_zcopy_init(skb, uarg);
>>>>
>>>> -    trace_virtio_transport_alloc_pkt(src_cid, src_port,
>>>> -                     dst_cid, dst_port,
>>>> -                     len,
>>>> -                     info->type,
>>>> -                     info->op,
>>>> -                     info->flags);
>>>> +    return 0;
>>>> +}
>>>>
>>>> -    if (info->vsk && !skb_set_owner_sk_safe(skb, sk_vsock(info->vsk))) {
>>>> -        WARN_ONCE(1, "failed to allocate skb on vsock socket with sk_refcnt == 0\n");
>>>> -        goto out;
>>>> +static int virtio_transport_fill_skb(struct sk_buff *skb,
>>>> +                     struct virtio_vsock_pkt_info *info,
>>>> +                     size_t len,
>>>> +                     bool zcopy)
>>>> +{
>>>> +    if (zcopy) {
>>>> +        return __zerocopy_sg_from_iter(info->msg, NULL, skb,
>>>> +                          &info->msg->msg_iter,
>>>> +                          len);
>>>> +    } else {
>>>> +        void *payload;
>>>> +        int err;
>>>> +
>>>> +        payload = skb_put(skb, len);
>>>> +        err = memcpy_from_msg(payload, info->msg, len);
>>>> +        if (err)
>>>> +            return -1;
>>>> +
>>>> +        if (msg_data_left(info->msg))
>>>> +            return 0;
>>>> +
>>>> +        return 0;
>>>>      }
>>>> +}
>>>>
>>>> -    return skb;
>>>> +static void virtio_transport_init_hdr(struct sk_buff *skb,
>>>> +                      struct virtio_vsock_pkt_info *info,
>>>> +                      u32 src_cid,
>>>> +                      u32 src_port,
>>>> +                      u32 dst_cid,
>>>> +                      u32 dst_port,
>>>> +                      size_t len)
>>>> +{
>>>> +    struct virtio_vsock_hdr *hdr;
>>>>
>>>> -out:
>>>> -    kfree_skb(skb);
>>>> -    return NULL;
>>>> +    hdr = virtio_vsock_hdr(skb);
>>>> +    hdr->type    = cpu_to_le16(info->type);
>>>> +    hdr->op        = cpu_to_le16(info->op);
>>>> +    hdr->src_cid    = cpu_to_le64(src_cid);
>>>> +    hdr->dst_cid    = cpu_to_le64(dst_cid);
>>>> +    hdr->src_port    = cpu_to_le32(src_port);
>>>> +    hdr->dst_port    = cpu_to_le32(dst_port);
>>>> +    hdr->flags    = cpu_to_le32(info->flags);
>>>> +    hdr->len    = cpu_to_le32(len);
>>>>  }
>>>>
>>>>  static void virtio_transport_copy_nonlinear_skb(const struct sk_buff *skb,
>>>> @@ -214,6 +263,70 @@ static u16 virtio_transport_get_type(struct sock *sk)
>>>>          return VIRTIO_VSOCK_TYPE_SEQPACKET;
>>>>  }
>>>>
>>>> +static struct sk_buff *virtio_transport_alloc_skb(struct vsock_sock *vsk,
>>>> +                          struct virtio_vsock_pkt_info *info,
>>>> +                          size_t payload_len,
>>>> +                          bool zcopy,
>>>> +                          u32 src_cid,
>>>> +                          u32 src_port,
>>>> +                          u32 dst_cid,
>>>> +                          u32 dst_port)
>>>> +{
>>>> +    struct sk_buff *skb;
>>>> +    size_t skb_len;
>>>> +
>>>> +    skb_len = VIRTIO_VSOCK_SKB_HEADROOM;
>>>> +
>>>> +    if (!zcopy)
>>>> +        skb_len += payload_len;
>>>> +
>>>> +    skb = virtio_vsock_alloc_skb(skb_len, GFP_KERNEL);
>>>> +    if (!skb)
>>>> +        return NULL;
>>>> +
>>>> +    virtio_transport_init_hdr(skb, info, src_cid, src_port,
>>>> +                  dst_cid, dst_port,
>>>> +                  payload_len);
>>>> +
>>>> +    /* Set owner here, because '__zerocopy_sg_from_iter()' uses
>>>> +     * owner of skb without check to update 'sk_wmem_alloc'.
>>>> +     */
>>>> +    if (vsk)
>>>> +        skb_set_owner_w(skb, sk_vsock(vsk));
>>>> +
>>>> +    if (info->msg && payload_len > 0) {
>>>> +        int err;
>>>> +
>>>> +        err = virtio_transport_fill_skb(skb, info, payload_len, zcopy);
>>>> +        if (err)
>>>> +            goto out;
>>>> +
>>>> +        if (info->type == VIRTIO_VSOCK_TYPE_SEQPACKET) {
>>>> +            struct virtio_vsock_hdr *hdr = virtio_vsock_hdr(skb);
>>>> +
>>>> +            hdr->flags |= cpu_to_le32(VIRTIO_VSOCK_SEQ_EOM);
>>>> +
>>>> +            if (info->msg->msg_flags & MSG_EOR)
>>>> +                hdr->flags |= cpu_to_le32(VIRTIO_VSOCK_SEQ_EOR);
>>>> +        }
>>>> +    }
>>>> +
>>>> +    if (info->reply)
>>>> +        virtio_vsock_skb_set_reply(skb);
>>>> +
>>>> +    trace_virtio_transport_alloc_pkt(src_cid, src_port,
>>>> +                     dst_cid, dst_port,
>>>> +                     payload_len,
>>>> +                     info->type,
>>>> +                     info->op,
>>>> +                     info->flags);
>>>> +
>>>> +    return skb;
>>>> +out:
>>>> +    kfree_skb(skb);
>>>> +    return NULL;
>>>> +}
>>>> +
>>>>  /* This function can only be used on connecting/connected sockets,
>>>>   * since a socket assigned to a transport is required.
>>>>   *
>>>> @@ -222,10 +335,12 @@ static u16 virtio_transport_get_type(struct sock *sk)
>>>>  static int virtio_transport_send_pkt_info(struct vsock_sock *vsk,
>>>>                        struct virtio_vsock_pkt_info *info)
>>>>  {
>>>> +    u32 max_skb_len = VIRTIO_VSOCK_MAX_PKT_BUF_SIZE;
>>>>      u32 src_cid, src_port, dst_cid, dst_port;
>>>>      const struct virtio_transport *t_ops;
>>>>      struct virtio_vsock_sock *vvs;
>>>>      u32 pkt_len = info->pkt_len;
>>>> +    bool can_zcopy = false;
>>>>      u32 rest_len;
>>>>      int ret;
>>>>
>>>> @@ -254,15 +369,30 @@ static int virtio_transport_send_pkt_info(struct vsock_sock *vsk,
>>>>      if (pkt_len == 0 && info->op == VIRTIO_VSOCK_OP_RW)
>>>>          return pkt_len;
>>>>
>>>> +    if (info->msg) {
>>>> +        /* If zerocopy is not enabled by 'setsockopt()', we behave as
>>>> +         * there is no MSG_ZEROCOPY flag set.
>>>> +         */
>>>> +        if (!sock_flag(sk_vsock(vsk), SOCK_ZEROCOPY))
>>>> +            info->msg->msg_flags &= ~MSG_ZEROCOPY;
>>>> +
>>>> +        if (info->msg->msg_flags & MSG_ZEROCOPY)
>>>> +            can_zcopy = virtio_transport_can_zcopy(info, pkt_len);
>>>> +
>>>> +        if (can_zcopy)
>>>> +            max_skb_len = min_t(u32, VIRTIO_VSOCK_MAX_PKT_BUF_SIZE,
>>>> +                        (MAX_SKB_FRAGS * PAGE_SIZE));
>>>> +    }
>>>> +
>>>>      rest_len = pkt_len;
>>>>
>>>>      do {
>>>>          struct sk_buff *skb;
>>>>          size_t skb_len;
>>>>
>>>> -        skb_len = min_t(u32, VIRTIO_VSOCK_MAX_PKT_BUF_SIZE, rest_len);
>>>> +        skb_len = min(max_skb_len, rest_len);
>>>>
>>>> -        skb = virtio_transport_alloc_skb(info, skb_len,
>>>> +        skb = virtio_transport_alloc_skb(vsk, info, skb_len, can_zcopy,
>>>>                           src_cid, src_port,
>>>>                           dst_cid, dst_port);
>>>>          if (!skb) {
>>>> @@ -270,6 +400,17 @@ static int virtio_transport_send_pkt_info(struct vsock_sock *vsk,
>>>>              break;
>>>>          }
>>>>
>>>> +        /* This is last skb to send this portion of data. */
>>>> +        if (info->msg && info->msg->msg_flags & MSG_ZEROCOPY &&
>>>> +            skb_len == rest_len && info->op == VIRTIO_VSOCK_OP_RW) {
>>>> +            if (virtio_transport_init_zcopy_skb(vsk, skb,
>>>> +                                info->msg,
>>>> +                                can_zcopy)) {
>>>> +                ret = -ENOMEM;
>>>> +                break;
>>>> +            }
>>>> +        }
>>>> +
>>>>          virtio_transport_inc_tx_pkt(vvs, skb);
>>>>
>>>>          ret = t_ops->send_pkt(skb);
>>>> @@ -934,7 +1075,7 @@ static int virtio_transport_reset_no_sock(const struct virtio_transport *t,
>>>>      if (!t)
>>>>          return -ENOTCONN;
>>>>
>>>> -    reply = virtio_transport_alloc_skb(&info, 0,
>>>> +    reply = virtio_transport_alloc_skb(NULL, &info, 0, false,
>>>>                         le64_to_cpu(hdr->dst_cid),
>>>>                         le32_to_cpu(hdr->dst_port),
>>>>                         le64_to_cpu(hdr->src_cid),
>>>
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ