| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090420133253.422747b4@nehalam> Date: Mon, 20 Apr 2009 13:32:53 -0700 From: Stephen Hemminger <shemminger@...tta.com> To: Eric Dumazet <dada1@...mosbay.com> Cc: paulmck@...ux.vnet.ibm.com, Evgeniy Polyakov <zbr@...emap.net>, David Miller <davem@...emloft.net>, kaber@...sh.net, torvalds@...ux-foundation.org, jeff.chua.linux@...il.com, paulus@...ba.org, mingo@...e.hu, laijs@...fujitsu.com, jengelh@...ozas.de, r000n@...0n.net, linux-kernel@...r.kernel.org, netfilter-devel@...r.kernel.org, netdev@...r.kernel.org, benh@...nel.crashing.org, mathieu.desnoyers@...ymtl.ca Subject: Re: [PATCH] netfilter: use per-cpu recursive lock (v10) On Mon, 20 Apr 2009 20:25:14 +0200 Eric Dumazet <dada1@...mosbay.com> wrote: > Stephen Hemminger a écrit : > > This version of x_tables (ip/ip6/arp) locking uses a per-cpu > > recursive lock that can be nested. It is sort of like existing kernel_lock, > > rwlock_t and even old 2.4 brlock. > > > > "Reader" is ip/arp/ip6 tables rule processing which runs per-cpu. > > It needs to ensure that the rules are not being changed while packet > > is being processed. > > > > "Writer" is used in two cases: first is replacing rules in which case > > all packets in flight have to be processed before rules are swapped, > > then counters are read from the old (stale) info. Second case is where > > counters need to be read on the fly, in this case all CPU's are blocked > > from further rule processing until values are aggregated. > > > > The idea for this came from an earlier version done by Eric Dumazet. > > Locking is done per-cpu, the fast path locks on the current cpu > > and updates counters. This reduces the contention of a > > single reader lock (in 2.6.29) without the delay of synchronize_net() > > (in 2.6.30-rc2). > > > > The mutex that was added for 2.6.30 in xt_table is unnecessary since > > there already is a mutex for xt[af].mutex that is held. > > > > Signed-off-by: Stephen Hemminger <shemminger@...tta.com > > > > --- > > Changes from earlier patches. > > - function name changes > > - disable bottom half in info_rdlock > > OK, but we still have a problem on machines with >= 250 cpus, > because calling 250 times spin_lock() is going to overflow preempt_count, > as each spin_lock() increases preempt_count by one. Ok, not that I have one of those. The problem which lockdep has is that it seems to associate all the locks with same name. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists