| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 22 Nov 2020 11:10:37 +0000
From: Justin He <Justin.He@....com>
To: Stefano Garzarella <sgarzare@...hat.com>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC: Sergio Lopez <slp@...hat.com>,
"David S. Miller" <davem@...emloft.net>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Stefan Hajnoczi <stefanha@...hat.com>,
"virtualization@...ts.linux-foundation.org"
<virtualization@...ts.linux-foundation.org>,
Jakub Kicinski <kuba@...nel.org>
Subject: RE: [PATCH net] vsock/virtio: discard packets only when socket is
really closed
> -----Original Message-----
> From: Stefano Garzarella <sgarzare@...hat.com>
> Sent: Friday, November 20, 2020 6:48 PM
> To: netdev@...r.kernel.org
> Cc: Sergio Lopez <slp@...hat.com>; David S. Miller <davem@...emloft.net>;
> Stefano Garzarella <sgarzare@...hat.com>; Justin He <Justin.He@....com>;
> kvm@...r.kernel.org; linux-kernel@...r.kernel.org; Stefan Hajnoczi
> <stefanha@...hat.com>; virtualization@...ts.linux-foundation.org; Jakub
> Kicinski <kuba@...nel.org>
> Subject: [PATCH net] vsock/virtio: discard packets only when socket is
> really closed
>
> Starting from commit 8692cefc433f ("virtio_vsock: Fix race condition
> in virtio_transport_recv_pkt"), we discard packets in
> virtio_transport_recv_pkt() if the socket has been released.
>
> When the socket is connected, we schedule a delayed work to wait the
> RST packet from the other peer, also if SHUTDOWN_MASK is set in
> sk->sk_shutdown.
> This is done to complete the virtio-vsock shutdown algorithm, releasing
> the port assigned to the socket definitively only when the other peer
> has consumed all the packets.
>
> If we discard the RST packet received, the socket will be closed only
> when the VSOCK_CLOSE_TIMEOUT is reached.
>
> Sergio discovered the issue while running ab(1) HTTP benchmark using
> libkrun [1] and observing a latency increase with that commit.
>
> To avoid this issue, we discard packet only if the socket is really
> closed (SOCK_DONE flag is set).
> We also set SOCK_DONE in virtio_transport_release() when we don't need
> to wait any packets from the other peer (we didn't schedule the delayed
> work). In this case we remove the socket from the vsock lists, releasing
> the port assigned.
>
> [1] https://github.com/containers/libkrun
>
> Fixes: 8692cefc433f ("virtio_vsock: Fix race condition in
> virtio_transport_recv_pkt")
Acked-by: Jia He <justin.he@....com>
--
Cheers,
Justin (Jia He)
> Cc: justin.he@....com
> Reported-by: Sergio Lopez <slp@...hat.com>
> Tested-by: Sergio Lopez <slp@...hat.com>
> Signed-off-by: Stefano Garzarella <sgarzare@...hat.com>
> ---
> net/vmw_vsock/virtio_transport_common.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/net/vmw_vsock/virtio_transport_common.c
> b/net/vmw_vsock/virtio_transport_common.c
> index 0edda1edf988..5956939eebb7 100644
> --- a/net/vmw_vsock/virtio_transport_common.c
> +++ b/net/vmw_vsock/virtio_transport_common.c
> @@ -841,8 +841,10 @@ void virtio_transport_release(struct vsock_sock *vsk)
> virtio_transport_free_pkt(pkt);
> }
>
> -if (remove_sock)
> +if (remove_sock) {
> +sock_set_flag(sk, SOCK_DONE);
> vsock_remove_sock(vsk);
> +}
> }
> EXPORT_SYMBOL_GPL(virtio_transport_release);
>
> @@ -1132,8 +1134,8 @@ void virtio_transport_recv_pkt(struct
> virtio_transport *t,
>
> lock_sock(sk);
>
> -/* Check if sk has been released before lock_sock */
> -if (sk->sk_shutdown == SHUTDOWN_MASK) {
> +/* Check if sk has been closed before lock_sock */
> +if (sock_flag(sk, SOCK_DONE)) {
> (void)virtio_transport_reset_no_sock(t, pkt);
> release_sock(sk);
> sock_put(sk);
> --
> 2.26.2
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
Powered by blists - more mailing lists