lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 26 Jun 2022 15:05:01 +0300 From: Vladimir Oltean <vladimir.oltean@....com> To: netdev@...r.kernel.org Cc: "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Xiaoliang Yang <xiaoliang.yang_1@....com>, Claudiu Manoil <claudiu.manoil@....com>, Alexandre Belloni <alexandre.belloni@...tlin.com>, UNGLinuxDriver@...rochip.com, Andrew Lunn <andrew@...n.ch>, Vivien Didelot <vivien.didelot@...il.com>, Florian Fainelli <f.fainelli@...il.com>, Michael Walle <michael@...le.cc>, Vinicius Costa Gomes <vinicius.gomes@...el.com>, Maxim Kochetkov <fido_max@...ox.ru>, Colin Foster <colin.foster@...advantage.com>, Richie Pearn <richard.pearn@....com>, linux-kernel@...r.kernel.org, Andy Lutomirski <luto@...nel.org>, Thomas Gleixner <tglx@...utronix.de>, Vincenzo Frascino <vincenzo.frascino@....com> Subject: [PATCH net-next 0/4] Prevent permanently closed tc-taprio gates from blocking a Felix DSA switch port Richie Pearn reports that if we install a tc-taprio schedule on a Felix switch port, and that schedule has at least one gate that never opens (for example TC0 below): tc qdisc add dev swp1 root taprio num_tc 8 map 0 1 2 3 4 5 6 7 \ queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 \ base-time 0 sched-entry S fe 1000000 flags 0x2 then packets classified to the permanently closed traffic class will not be dequeued by the egress port. They will just remain in the queue system, to consume resources. Frame aging does not trigger either, because in order for that to happen, the packets need to be eligible for egress scheduling in the first place, which they aren't. If that port is allowed to consume the entire shared buffer of the switch (as we configure things by default using devlink-sb), then eventually, by sending enough packets, the entire switch will hang. If we think enough about the problem, we realize that this is only a special case of a more general issue, and can also be reproduced with gates that aren't permanently closed, but are not large enough to send an entire frame. In that sense, a permanently closed gate is simply a case where all frames are oversized. The ENETC has logic to reject transmitted packets that would overrun the time window - see commit 285e8dedb4bd ("net: enetc: count the tc-taprio window drops"). The Felix switch has no such thing on a per-packet basis, but it has a register replicated per {egress port, TC} which essentially limits the max MTU. A packet which exceeds the per-port-TC MTU is immediately discarded and therefore will not hang the port anymore (albeit, sadly, this only bumps a generic drop hardware counter and we cannot really infer the reason such as to offer a dedicated counter for these events). This patch set calculates the max MTU per {port, TC} when the tc-taprio config, or link speed, or port-global MTU values change. This solves the larger "gate too small for packet" problem, but also the original issue with the gate permanently closed that was reported by Richie. Q: Bug fix patch sent to net-next? A: Yeah, after Xiaoliang started sending bug fixes to net-next himself (see https://patchwork.kernel.org/project/netdevbpf/patch/20220617032423.13852-1-xiaoliang.yang_1@nxp.com/) there is absolutely no gain in targeting "net" here - I am modifying the same areas of code, that have already diverged from 5.18 and earlier. So this is why I am also taking the opportunity to introduce cleanup patches 1-3, to leave things as clean as possible after the rework. I'd be interested if there is a better approach to this. Cc: Andy Lutomirski <luto@...nel.org> Cc: Thomas Gleixner <tglx@...utronix.de> Cc: Vincenzo Frascino <vincenzo.frascino@....com> Vladimir Oltean (4): time64.h: define PSEC_PER_NSEC and use it in tc-taprio net: dsa: felix: keep reference on entire tc-taprio config net: dsa: felix: keep QSYS_TAG_CONFIG_INIT_GATE_STATE(0xFF) out of rmw net: dsa: felix: drop oversized frames with tc-taprio instead of hanging the port drivers/net/dsa/ocelot/felix.c | 9 + drivers/net/dsa/ocelot/felix.h | 1 + drivers/net/dsa/ocelot/felix_vsc9959.c | 241 ++++++++++++++++++++++--- include/soc/mscc/ocelot.h | 5 +- include/vdso/time64.h | 1 + net/sched/sch_taprio.c | 4 +- 6 files changed, 234 insertions(+), 27 deletions(-) -- 2.25.1
Powered by blists - more mailing lists