[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190711201633.552292e6@cakuba.netronome.com>
Date: Thu, 11 Jul 2019 20:16:33 -0700
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: John Fastabend <john.fastabend@...il.com>
Cc: ast@...nel.org, daniel@...earbox.net, netdev@...r.kernel.org,
edumazet@...gle.com, bpf@...r.kernel.org
Subject: Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect
with close
On Thu, 11 Jul 2019 14:25:54 -0700, John Fastabend wrote:
> Jakub Kicinski wrote:
> > On Thu, 11 Jul 2019 09:47:16 -0700, John Fastabend wrote:
> > > Jakub Kicinski wrote:
> > > > On Wed, 10 Jul 2019 12:34:17 -0700, Jakub Kicinski wrote:
> > > > > > > > + if (sk->sk_prot->unhash)
> > > > > > > > + sk->sk_prot->unhash(sk);
> > > > > > > > + }
> > > > > > > > +
> > > > > > > > + ctx = tls_get_ctx(sk);
> > > > > > > > + if (ctx->tx_conf == TLS_SW || ctx->rx_conf == TLS_SW)
> > > > > > > > + tls_sk_proto_cleanup(sk, ctx, timeo);
> > > >
> > > > Do we still need to hook into unhash? With patch 6 in place perhaps we
> > > > can just do disconnect 🥺
> > >
> > > ?? "can just do a disconnect", not sure I folow. We still need unhash
> > > in cases where we have a TLS socket transition from ESTABLISHED
> > > to LISTEN state without calling close(). This is independent of if
> > > sockmap is running or not.
> > >
> > > Originally, I thought this would be extremely rare but I did see it
> > > in real applications on the sockmap side so presumably it is possible
> > > here as well.
> >
> > Ugh, sorry, I meant shutdown. Instead of replacing the unhash callback
> > replace the shutdown callback. We probably shouldn't release the socket
> > lock either there, but we can sleep, so I'll be able to run the device
> > connection remove callback (which sleep).
>
> ah OK seems doable to me. Do you want to write that on top of this
> series? Or would you like to push it onto your branch and I can pull
> it in push the rest of the patches on top and send it out? I think
> if you can get to it in the next few days then it makes sense to wait.
Mm.. perhaps its easiest if we forget about HW for now and get SW
to work? Once you get the SW to 100% I can probably figure out what
to do for HW, but I feel like we got too many moving parts ATM.
> I can't test the hardware side so probably makes more sense for
> you to do it if you can.
>
> > > > cleanup is going to kick off TX but also:
> > > >
> > > > if (unlikely(sk->sk_write_pending) &&
> > > > !wait_on_pending_writer(sk, &timeo))
> > > > tls_handle_open_record(sk, 0);
> > > >
> > > > Are we guaranteed that sk_write_pending is 0? Otherwise
> > > > wait_on_pending_writer is hiding yet another release_sock() :(
> > >
> > > Not seeing the path to release_sock() at the moment?
> > >
> > > tls_handle_open_record
> > > push_pending_record
> > > tls_sw_push_pending_record
> > > bpf_exec_tx_verdict
> >
> > wait_on_pending_writer
> > sk_wait_event
> > release_sock
> >
>
> ah OK. I'll check on sk_write_pending...
Powered by blists - more mailing lists