lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 23 Jan 2024 09:08:51 -0800
From: Kuniyuki Iwashima <kuniyu@...zon.com>
To: "David S. Miller" <davem@...emloft.net>, Eric Dumazet
	<edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni
	<pabeni@...hat.com>
CC: Ivan Babrou <ivan@...udflare.com>, Kuniyuki Iwashima <kuniyu@...zon.com>,
	Kuniyuki Iwashima <kuni1840@...il.com>, <netdev@...r.kernel.org>
Subject: [PATCH v5 net-next 0/5] af_unix: Random improvements for GC.

If more than 16000 inflight AF_UNIX sockets exist on a host, each
sendmsg() will be forced to wait for unix_gc() even if a process
is not sending any FD.

This series tries not to impose such a penalty on sane users who
do not send AF_UNIX FDs or do not have inflight sockets more than
SCM_MAX_FD * 8.

The first patch can be backported to -stable.

Cleanup patches for commit 69db702c8387 ("io_uring/af_unix: disable
sending io_uring over sockets") and large refactoring of GC will
be followed later.


Changes:
  v5:
    * Rebase on the latest
    * Add patch 1

  v4: https://lore.kernel.org/netdev/20231219030102.27509-1-kuniyu@amazon.com/
    * Rebase on the latest

  v3: https://lore.kernel.org/netdev/20231218075020.60826-1-kuniyu@amazon.com/
    * Patch 3
      * Reuse gc_in_progress flag.
      * Call flush_work() only when gc is queued or in progress.
    * Patch 4
      * Bump UNIX_INFLIGHT_SANE_USER to (SCM_MAX_FD * 8).

  v2: https://lore.kernel.org/netdev/20231123014747.66063-1-kuniyu@amazon.com/
    * Patch 4
      * Fix build error when CONFIG_UNIX=n

  v1: https://lore.kernel.org/netdev/20231122013629.28554-1-kuniyu@amazon.com/


Kuniyuki Iwashima (5):
  af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc().
  af_unix: Do not use atomic ops for unix_sk(sk)->inflight.
  af_unix: Return struct unix_sock from unix_get_socket().
  af_unix: Run GC on only one CPU.
  af_unix: Try to run GC async.

 include/net/af_unix.h | 14 +++++--
 include/net/scm.h     |  1 +
 net/core/scm.c        |  5 +++
 net/unix/af_unix.c    | 10 +++--
 net/unix/garbage.c    | 98 ++++++++++++++++++++++---------------------
 net/unix/scm.c        | 27 ++++++------
 6 files changed, 85 insertions(+), 70 deletions(-)

-- 
2.30.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ