lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2527aee9-4e19-4e41-9176-7be1eda9aede@linux.dev>
Date: Tue, 2 Sep 2025 11:55:01 -0700
From: Martin KaFai Lau <martin.lau@...ux.dev>
To: Kuniyuki Iwashima <kuniyu@...gle.com>
Cc: Alexei Starovoitov <ast@...nel.org>, Andrii Nakryiko <andrii@...nel.org>,
 Daniel Borkmann <daniel@...earbox.net>,
 John Fastabend <john.fastabend@...il.com>,
 Stanislav Fomichev <sdf@...ichev.me>, Johannes Weiner <hannes@...xchg.org>,
 Michal Hocko <mhocko@...nel.org>, Roman Gushchin <roman.gushchin@...ux.dev>,
 Shakeel Butt <shakeel.butt@...ux.dev>, "David S. Miller"
 <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
 Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
 Neal Cardwell <ncardwell@...gle.com>, Willem de Bruijn <willemb@...gle.com>,
 Mina Almasry <almasrymina@...gle.com>, Kuniyuki Iwashima
 <kuni1840@...il.com>, bpf@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [PATCH v4 bpf-next/net 1/5] tcp: Save lock_sock() for memcg in
 inet_csk_accept().

On 8/28/25 6:00 PM, Kuniyuki Iwashima wrote:
> mem_cgroup_sk_alloc() is called for SCTP before __inet_accept(),
> so I added the protocol check in __inet_accept(), but this can be
> removed once SCTP uses sk_clone_lock().

>   void __inet_accept(struct socket *sock, struct socket *newsock, struct sock *newsk)
>   {
> +	/* TODO: use sk_clone_lock() in SCTP and remove protocol checks */
> +	if (mem_cgroup_sockets_enabled &&
> +	    (!IS_ENABLED(CONFIG_IP_SCTP) ||
> +	     sk_is_tcp(newsk) || sk_is_mptcp(newsk))) {

Instead of protocol check, is it the same as checking
"if (mem_cgroup_sockets_enabled && !mem_cgroup_from_sk(newsk))"

> +		gfp_t gfp = GFP_KERNEL | __GFP_NOFAIL;
> +
> +		mem_cgroup_sk_alloc(newsk);
> +
> +		if (mem_cgroup_from_sk(newsk)) {
> +			int amt;
> +
> +			/* The socket has not been accepted yet, no need
> +			 * to look at newsk->sk_wmem_queued.
> +			 */
> +			amt = sk_mem_pages(newsk->sk_forward_alloc +
> +					   atomic_read(&newsk->sk_rmem_alloc));
> +			if (amt)
> +				mem_cgroup_sk_charge(newsk, amt, gfp);
> +		}
> +
> +		kmem_cache_charge(newsk, gfp);
> +	}
> +

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ