| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aINObNKpAzZ0amz0@soc-5CG4396X81.clients.intel.com>
Date: Fri, 25 Jul 2025 11:29:16 +0200
From: Larysa Zaremba <larysa.zaremba@...el.com>
To: Jason Xing <kerneljasonxing@...il.com>
CC: <anthony.l.nguyen@...el.com>, <przemyslaw.kitszel@...el.com>,
<andrew+netdev@...n.ch>, <davem@...emloft.net>, <edumazet@...gle.com>,
<kuba@...nel.org>, <pabeni@...hat.com>, <bjorn@...nel.org>,
<magnus.karlsson@...el.com>, <maciej.fijalkowski@...el.com>,
<jonathan.lemon@...il.com>, <sdf@...ichev.me>, <ast@...nel.org>,
<daniel@...earbox.net>, <hawk@...nel.org>, <john.fastabend@...il.com>,
<bpf@...r.kernel.org>, <intel-wired-lan@...ts.osuosl.org>,
<netdev@...r.kernel.org>, Jason Xing <kernelxing@...cent.com>
Subject: Re: [PATCH net-next 2/5] ixgbe: xsk: resolve the underflow of budget
in ixgbe_xmit_zc
On Sun, Jul 20, 2025 at 05:11:20PM +0800, Jason Xing wrote:
> From: Jason Xing <kernelxing@...cent.com>
>
> Resolve the budget underflow which leads to returning true in ixgbe_xmit_zc
> even when the budget of descs are thoroughly consumed.
>
> Before this patch, when the budget is decreased to zero and finishes
> sending the last allowed desc in ixgbe_xmit_zc, it will always turn back
> and enter into the while() statement to see if it should keep processing
> packets, but in the meantime it unexpectedly decreases the value again to
> 'unsigned int (0--)', namely, UINT_MAX. Finally, the ixgbe_xmit_zc returns
> true, showing 'we complete cleaning the budget'. That also means
> 'clean_complete = true' in ixgbe_poll.
>
> The true theory behind this is if that budget number of descs are consumed,
> it implies that we might have more descs to be done. So we should return
> false in ixgbe_xmit_zc to tell napi poll to find another chance to start
> polling to handle the rest of descs. On the contrary, returning true here
> means job done and we know we finish all the possible descs this time and
> we don't intend to start a new napi poll.
>
> It is apparently against our expectations. Please also see how
> ixgbe_clean_tx_irq() handles the problem: it uses do..while() statement
> to make sure the budget can be decreased to zero at most and the underflow
> never happens.
>
> Fixes: 8221c5eba8c1 ("ixgbe: add AF_XDP zero-copy Tx support")
> Signed-off-by: Jason Xing <kernelxing@...cent.com>
Right, it is possible to decrement a zero in the current state of code.
Should target iwl-net, otherwise fine. You could include info why do you add
likely, as such change is questionable in something that goes into a stable
tree, but should be fine, as the standard budget is 256, so we rarely would not
hit the loop codition.
Reviewed-by: Larysa Zaremba <larysa.zaremba@...el.com>
> ---
> drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c
> index 0ade15058d98..a463c5ac9c7c 100644
> --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c
> +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c
> @@ -398,7 +398,7 @@ static bool ixgbe_xmit_zc(struct ixgbe_ring *xdp_ring, unsigned int budget)
> dma_addr_t dma;
> u32 cmd_type;
>
> - while (budget-- > 0) {
> + while (likely(budget)) {
> if (unlikely(!ixgbe_desc_unused(xdp_ring))) {
> work_done = false;
> break;
> @@ -433,6 +433,8 @@ static bool ixgbe_xmit_zc(struct ixgbe_ring *xdp_ring, unsigned int budget)
> xdp_ring->next_to_use++;
> if (xdp_ring->next_to_use == xdp_ring->count)
> xdp_ring->next_to_use = 0;
> +
> + budget--;
> }
>
> if (tx_desc) {
> --
> 2.41.3
>
>
Powered by blists - more mailing lists