lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 19 Aug 2022 23:17:04 +0800
From:   Menglong Dong <menglong8.dong@...il.com>
To:     Jakub Kicinski <kuba@...nel.org>
Cc:     miguel.ojeda.sandonis@...il.com, ojeda@...nel.org,
        ndesaulniers@...gle.com, davem@...emloft.net, edumazet@...gle.com,
        pabeni@...hat.com, asml.silence@...il.com, imagedong@...cent.com,
        luiz.von.dentz@...el.com, vasily.averin@...ux.dev,
        jk@...econstruct.com.au, linux-kernel@...r.kernel.org,
        netdev@...r.kernel.org, kernel test robot <lkp@...el.com>
Subject: Re: [PATCH net-next v4] net: skb: prevent the split of
 kfree_skb_reason() by gcc

On Fri, Aug 19, 2022 at 1:09 AM Jakub Kicinski <kuba@...nel.org> wrote:
>
> On Tue, 16 Aug 2022 11:28:46 +0800 menglong8.dong@...il.com wrote:
> > From: Menglong Dong <imagedong@...cent.com>
> >
[...]
>
> Sorry for a late and possibly off-topic chime in, is the compiler
> splitting it because it thinks that skb_unref() is going to return
> true? I don't think that's the likely case, so maybe we're better
> off wrapping that skb_unref() in unlikely()?

I think your thought is totally right, considering the instruction
that I disassembled:

ffffffff819fea20 <kfree_skb_reason>:
ffffffff819fea20:       e8 cb 2c 40 00          call
ffffffff81e016f0 <__fentry__>
ffffffff819fea25:       48 85 ff                test   %rdi,%rdi
ffffffff819fea28:       74 25                   je
ffffffff819fea4f <kfree_skb_reason+0x2f>
ffffffff819fea2a:       8b 87 d4 00 00 00       mov    0xd4(%rdi),%eax
/* this is just the instruction that compiled from skb_unref()  */
ffffffff819fea30:       83 f8 01                cmp    $0x1,%eax
ffffffff819fea33:       75 0b                   jne
ffffffff819fea40 <kfree_skb_reason+0x20>
ffffffff819fea35:       55                      push   %rbp
ffffffff819fea36:       48 89 e5                mov    %rsp,%rbp
ffffffff819fea39:       e8 42 ff ff ff          call
ffffffff819fe980 <kfree_skb_reason.part.0>
ffffffff819fea3e:       5d                      pop    %rbp
ffffffff819fea3f:       c3                      ret
ffffffff819fea40:       f0 ff 8f d4 00 00 00    lock decl 0xd4(%rdi)
ffffffff819fea47:       0f 88 e5 44 27 00       js
ffffffff81c72f32 <__noinstr_text_end+0x255d>
ffffffff819fea4d:       74 e6                   je
ffffffff819fea35 <kfree_skb_reason+0x15>
ffffffff819fea4f:       c3                      ret

The compiler just splits the code after skb_unref() to another.
After I warp the skb_unref() in unlinkly(), this function is not
splitted any more.

Yeah, I think we can make skb_unref() wrapped by unlikely()
by the way.

Thanks!
Menglong Dong

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ