lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1450285688.8474.86.camel@edumazet-glaptop2.roam.corp.google.com>
Date:	Wed, 16 Dec 2015 09:08:08 -0800
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Haiyang Zhang <haiyangz@...rosoft.com>
Cc:	davem@...emloft.net, netdev@...r.kernel.org, kys@...rosoft.com,
	olaf@...fle.de, linux-kernel@...r.kernel.org,
	driverdev-devel@...uxdriverproject.org
Subject: Re: [PATCH net-next] hv_netvsc: Use simple parser for IPv4 and v6
 headers

On Wed, 2015-12-16 at 10:03 -0800, Haiyang Zhang wrote:
> To avoid performance overhead when using skb_flow_dissect_flow_keys(),
> we switch to the simple parsers to get the IP and port numbers.
> 
> Performance comparison: throughput (Gbps):
> Number of connections, before patch, after patch
> 1			8.56		10.18
> 4			11.17		14.07
> 16			12.21		21.78
> 64			18.71		32.08
> 256			15.92		26.32
> 1024			8.41		15.49
> 3000			7.82		11.58
> 
> Signed-off-by: Haiyang Zhang <haiyangz@...rosoft.com>
> Tested-by: Simon Xiao <sixiao@...rosoft.com>
> Reviewed-by: K. Y. Srinivasan <kys@...rosoft.com>
> ---
>  drivers/net/hyperv/netvsc_drv.c |   38 +++++++++++++++++++++++++++++---------
>  1 files changed, 29 insertions(+), 9 deletions(-)
> 
> diff --git a/drivers/net/hyperv/netvsc_drv.c b/drivers/net/hyperv/netvsc_drv.c
> index 1c8db9a..e28951f 100644
> --- a/drivers/net/hyperv/netvsc_drv.c
> +++ b/drivers/net/hyperv/netvsc_drv.c
> @@ -237,20 +237,40 @@ static u32 comp_hash(u8 *key, int klen, void *data, int dlen)
>  
>  static bool netvsc_set_hash(u32 *hash, struct sk_buff *skb)
>  {
> -	struct flow_keys flow;
> +	struct iphdr *iphdr;
> +	struct ipv6hdr *ipv6hdr;
> +	__be32 dbuf[9];
>  	int data_len;
>  
> -	if (!skb_flow_dissect_flow_keys(skb, &flow, 0) ||
> -	    !(flow.basic.n_proto == htons(ETH_P_IP) ||
> -	      flow.basic.n_proto == htons(ETH_P_IPV6)))
> +	if (eth_hdr(skb)->h_proto != htons(ETH_P_IP) &&
> +	    eth_hdr(skb)->h_proto != htons(ETH_P_IPV6))
>  		return false;
>  
> -	if (flow.basic.ip_proto == IPPROTO_TCP)
> -		data_len = 12;
> -	else
> -		data_len = 8;
> +	iphdr = ip_hdr(skb);
> +	ipv6hdr = ipv6_hdr(skb);
> +
> +	if (iphdr->version == 4) {
> +		dbuf[0] = iphdr->saddr;
> +		dbuf[1] = iphdr->daddr;
> +		if (iphdr->protocol == IPPROTO_TCP) {
> +			dbuf[2] = *(__be32 *)&tcp_hdr(skb)->source;
> +			data_len = 12;
> +		} else {
> +			data_len = 8;
> +		}
> +	} else if (ipv6hdr->version == 6) {
> +		memcpy(dbuf, &ipv6hdr->saddr, 32);
> +		if (ipv6hdr->nexthdr == IPPROTO_TCP) {
> +			dbuf[8] = *(__be32 *)&tcp_hdr(skb)->source;
> +			data_len = 36;
> +		} else {
> +			data_len = 32;
> +		}
> +	} else {
> +		return false;
> +	}
>  
> -	*hash = comp_hash(netvsc_hash_key, HASH_KEYLEN, &flow, data_len);
> +	*hash = comp_hash(netvsc_hash_key, HASH_KEYLEN, dbuf, data_len);
>  
>  	return true;
>  }


This looks very very wrong to me.

How many times this is called per second, for the 'one flow' case ?

Don't you use TSO in this driver ?

What about encapsulation ?

I suspect you have a quite different issue here.

You simply could use skb_get_hash() since local TCP flows will provide a
l4 skb->hash and you have no further flow dissection to do.




--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ