lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Sat, 30 May 2020 21:52:43 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     toke@...hat.com
Cc:     netdev@...r.kernel.org, cake@...ts.bufferbloat.net
Subject: Re: [PATCH net] sch_cake: Take advantage of skb->hash where
 appropriate

From: Toke Høiland-Jørgensen <toke@...hat.com>
Date: Fri, 29 May 2020 14:43:44 +0200

> While the other fq-based qdiscs take advantage of skb->hash and doesn't
> recompute it if it is already set, sch_cake does not.
> 
> This was a deliberate choice because sch_cake hashes various parts of the
> packet header to support its advanced flow isolation modes. However,
> foregoing the use of skb->hash entirely loses a few important benefits:
> 
> - When skb->hash is set by hardware, a few CPU cycles can be saved by not
>   hashing again in software.
> 
> - Tunnel encapsulations will generally preserve the value of skb->hash from
>   before the encapsulation, which allows flow-based qdiscs to distinguish
>   between flows even though the outer packet header no longer has flow
>   information.
> 
> It turns out that we can preserve these desirable properties in many cases,
> while still supporting the advanced flow isolation properties of sch_cake.
> This patch does so by reusing the skb->hash value as the flow_hash part of
> the hashing procedure in cake_hash() only in the following conditions:
> 
> - If the skb->hash is marked as covering the flow headers (skb->l4_hash is
>   set)
> 
> AND
> 
> - NAT header rewriting is either disabled, or did not change any values
>   used for hashing. The latter is important to match local-origin packets
>   such as those of a tunnel endpoint.
> 
> The immediate motivation for fixing this was the recent patch to WireGuard
> to preserve the skb->hash on encapsulation. As such, this is also what I
> tested against; with this patch, added latency under load for competing
> flows drops from ~8 ms to sub-1ms on an RRUL test over a WireGuard tunnel
> going through a virtual link shaped to 1Gbps using sch_cake. This matches
> the results we saw with a similar setup using sch_fq_codel when testing the
> WireGuard patch.
> 
> Fixes: 046f6fd5daef ("sched: Add Common Applications Kept Enhanced (cake) qdisc")
> Signed-off-by: Toke Høiland-Jørgensen <toke@...hat.com>

Applied to net-next, thanks.

Powered by blists - more mailing lists