lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20231128071116.1b6aed13@kernel.org>
Date: Tue, 28 Nov 2023 07:11:16 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Jiri Pirko <jiri@...nulli.us>
Cc: netdev@...r.kernel.org, pabeni@...hat.com, davem@...emloft.net,
 edumazet@...gle.com, jacob.e.keller@...el.com, jhs@...atatu.com,
 johannes@...solutions.net, andriy.shevchenko@...ux.intel.com,
 amritha.nambiar@...el.com, sdf@...gle.com, horms@...nel.org
Subject: Re: [patch net-next v4 5/9] genetlink: introduce per-sock family
 private pointer storage

On Tue, 28 Nov 2023 09:25:21 +0100 Jiri Pirko wrote:
> >Put the xarray pointer here directly. Plus a lock to protect the init.  
> 
> Okay, just to make this clear. You want me to have:
> 	struct xarray __rcu		*family_privs;
> 
> in struct netlink_sock, correct?
> 
> 
> Why I need a lock? If I read things correctly, skbs are processed in
> serial over one sock. Since this is per-sock, should be safe.

Okay, then add an assertion that the socket lock is held, at least.
Also, is the socket lock not held yet when the filtering happens?
Maybe the __rcu annotation isn't necessary then either?

> >The size of the per-family struct should be in family definition,
> >allocation should happen on first get automatically. Family definition  
> 
> Yes, I thought about that. But I decided to do this lockless, allocating
> new priv every time the user sets the filter and replace the xarray item
> so it could be accessed in rcu read section during notification
> processing.
> 
> What you suggest requires some lock to protect the memory being changed
> during filter set and suring accessing in in notify. But okay,
> if you insist.

Not necessarily, you can have a helper which doesn't allocate, too.
What I'm saying is that the common case for ops will be to access
the state and allocate if it doesn't exist.

How about genl_sk_family_priv() and genl_sk_has_family_priv() ?

> >should also hold a callback to how the data is going to be freed.  
> 
> If it is alloceted automatically, why is it needed?

Because priv may be a complex type which has member that need
individual fields to be destroyed (in fullness of time we also
need a constructor which can init things like list_head, but
we can defer that).

I'm guessing in your case the priv will look like this:

struct devlink_sk_priv {
	const char *nft_fltr_instance_name;
};

static void devlink_sk_priv_free(void *ptr)
{
	struct devlink_sk_priv *priv = ptr;

	kfree(priv->nft_fltr_instance_name);
}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ