lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220429161810.GA175@qian> Date: Fri, 29 Apr 2022 12:18:10 -0400 From: Qian Cai <quic_qiancai@...cinc.com> To: Eric Dumazet <eric.dumazet@...il.com> CC: "David S . Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, netdev <netdev@...r.kernel.org>, Eric Dumazet <edumazet@...gle.com> Subject: Re: [PATCH v2 net-next] net: generalize skb freeing deferral to per-cpu lists On Fri, Apr 22, 2022 at 01:12:37PM -0700, Eric Dumazet wrote: > From: Eric Dumazet <edumazet@...gle.com> > > Logic added in commit f35f821935d8 ("tcp: defer skb freeing after socket > lock is released") helped bulk TCP flows to move the cost of skbs > frees outside of critical section where socket lock was held. > > But for RPC traffic, or hosts with RFS enabled, the solution is far from > being ideal. > > For RPC traffic, recvmsg() has to return to user space right after > skb payload has been consumed, meaning that BH handler has no chance > to pick the skb before recvmsg() thread. This issue is more visible > with BIG TCP, as more RPC fit one skb. > > For RFS, even if BH handler picks the skbs, they are still picked > from the cpu on which user thread is running. > > Ideally, it is better to free the skbs (and associated page frags) > on the cpu that originally allocated them. > > This patch removes the per socket anchor (sk->defer_list) and > instead uses a per-cpu list, which will hold more skbs per round. > > This new per-cpu list is drained at the end of net_action_rx(), > after incoming packets have been processed, to lower latencies. > > In normal conditions, skbs are added to the per-cpu list with > no further action. In the (unlikely) cases where the cpu does not > run net_action_rx() handler fast enough, we use an IPI to raise > NET_RX_SOFTIRQ on the remote cpu. > > Also, we do not bother draining the per-cpu list from dev_cpu_dead() > This is because skbs in this list have no requirement on how fast > they should be freed. > > Note that we can add in the future a small per-cpu cache > if we see any contention on sd->defer_lock. Hmm, we started to see some memory leak reports from kmemleak that have been around for hours without being freed since yesterday's linux-next tree which included this commit. Any thoughts? unreferenced object 0xffff400610f55cc0 (size 216): comm "git-remote-http", pid 781180, jiffies 4314091475 (age 4323.740s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 c0 7e 87 ff 3f ff ff 00 00 00 00 00 00 00 00 ..~..?.......... backtrace: kmem_cache_alloc_node __alloc_skb __tcp_send_ack.part.0 tcp_send_ack tcp_cleanup_rbuf tcp_recvmsg_locked tcp_recvmsg inet_recvmsg __sys_recvfrom __arm64_sys_recvfrom invoke_syscall el0_svc_common.constprop.0 do_el0_svc el0_svc el0t_64_sync_handler el0t_64_sync unreferenced object 0xffff4001e58f0c40 (size 216): comm "git-remote-http", pid 781180, jiffies 4314091483 (age 4323.968s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 c0 7e 87 ff 3f ff ff 00 00 00 00 00 00 00 00 ..~..?.......... backtrace: kmem_cache_alloc_node __alloc_skb __tcp_send_ack.part.0 tcp_send_ack tcp_cleanup_rbuf tcp_recvmsg_locked tcp_recvmsg inet_recvmsg __sys_recvfrom __arm64_sys_recvfrom invoke_syscall el0_svc_common.constprop.0 do_el0_svc el0_svc el0t_64_sync_handler el0t_64_sync
Powered by blists - more mailing lists