| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 24 Dec 2009 14:17:02 +0200
From: Octavian Purdila <opurdila@...acom.com>
To: Eric Dumazet <eric.dumazet@...il.com>
Cc: netdev@...r.kernel.org,
Arnaldo Carvalho de Melo <acme@...stprotocols.net>
Subject: Re: [net-next PATCH v2] llc enhancements
On Thursday 24 December 2009 10:35:31 you wrote:
> Le 24/12/2009 00:45, Octavian Purdila a écrit :
> > This patch modifies the LLC code to scale the socket lookup code for a
> > large number of interfaces and large number of sockets bound to the
> > same SAP. We use it for STP traffic generation from a large number of
> > virtual STP ports, via virtual network interfaces.
> >
> > In the process we converted the socket lookup code and sap list to use
> > RCU. It also contains some general cleanups (use dev_hard_header
> > instead of handcrafting the headers) and enhancements (LLC_OPT_PKTINFO).
> >
> > This is the 2nd version. Changes from the previous version:
> >
> > - added SO_BINDTODEVICE support for faster bind operations
> > - converted the socket lookup code and sap list to RCU
> > - optimized multicast delivery ala Eric
> > - remove some unused APIs (which should be private anyway)
> >
> > Many thanks to Eric Dumazet for his continuous guidance and to Jarek
> > Poplawski for spotting a locking bug in the previous version.
>
> Pretty impressive work Octavian !
>
> My only concerns (before drinking my coffee, I might be wrong...) are :
>
> 1) Patch 7/9 : __llc_lookup_established()
> Checking slot number is not enough I am afraid. A socket can be freed,
> re-allocated, inserted in another sap hash list on _same_ slot number.
> We dont have this problem with UDP/TCP since we have only
> one hash table on machine, but with llc, we might have many sap hash
> tables.
>
> So before if (llc_estab_match(sap, daddr, laddr, rc)) test, you probably
> need to check if we found a socket hashed on a different hash table and
> restart the lookup.
>
Woudn't the sap check after the the atomic_inc check take care of this?
rcu_read_lock();
again:
sk_nulls_for_each_rcu(rc, node, laddr_hb) {
if (llc_estab_match(sap, daddr, laddr, rc)) {
/* Extra checks required by SLAB_DESTROY_BY_RCU */
if (unlikely(!atomic_inc_not_zero(&rc->sk_refcnt) ||
llc_sk(rc)->sap != sap))
goto again;
if (unlikely(!llc_estab_match(sap, daddr, laddr, rc))) {
sock_put(rc);
continue;
}
goto found;
}
}
But, I found a leak issue: if the sap check fails we should sock_put the socket before trying again !
> 2) the WARN_ON() removal in patch 7/9 :
>
> void llc_sap_close(struct llc_sap *sap)
> {
> - WARN_ON(!hlist_nulls_empty(&sap->sk_list));
> llc_del_sap(sap);
> kfree(sap);
> }
>
> I believe we should keep the sanity test some time, converted to
> sk_laddr_hash[] variant.
I think adding counter would be necessary for this - to avoid iterating over all the hash buckets. Does that sound ok?
Thanks !
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists