| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CADvbK_c2gUNyDNYfgVrQ+Cm9rL6P_n+s0LJsrAPz0VK9FDDxyg@mail.gmail.com>
Date: Wed, 5 Nov 2025 20:27:19 -0500
From: Xin Long <lucien.xin@...il.com>
To: Paolo Abeni <pabeni@...hat.com>
Cc: network dev <netdev@...r.kernel.org>, quic@...ts.linux.dev, davem@...emloft.net,
kuba@...nel.org, Eric Dumazet <edumazet@...gle.com>, Simon Horman <horms@...nel.org>,
Stefan Metzmacher <metze@...ba.org>, Moritz Buhl <mbuhl@...nbsd.org>, Tyler Fanelli <tfanelli@...hat.com>,
Pengtao He <hepengtao@...omi.com>, Thomas Dreibholz <dreibh@...ula.no>, linux-cifs@...r.kernel.org,
Steve French <smfrench@...il.com>, Namjae Jeon <linkinjeon@...nel.org>,
Paulo Alcantara <pc@...guebit.com>, Tom Talpey <tom@...pey.com>, kernel-tls-handshake@...ts.linux.dev,
Chuck Lever <chuck.lever@...cle.com>, Jeff Layton <jlayton@...nel.org>,
Steve Dickson <steved@...hat.com>, Hannes Reinecke <hare@...e.de>, Alexander Aring <aahringo@...hat.com>,
David Howells <dhowells@...hat.com>, Matthieu Baerts <matttbe@...nel.org>,
John Ericson <mail@...nericson.me>, Cong Wang <xiyou.wangcong@...il.com>,
"D . Wythe" <alibuda@...ux.alibaba.com>, Jason Baron <jbaron@...mai.com>,
illiliti <illiliti@...tonmail.com>, Sabrina Dubroca <sd@...asysnail.net>,
Marcelo Ricardo Leitner <marcelo.leitner@...il.com>, Daniel Stenberg <daniel@...x.se>,
Andy Gospodarek <andrew.gospodarek@...adcom.com>
Subject: Re: [PATCH net-next v4 06/15] quic: add stream management
On Tue, Nov 4, 2025 at 6:05 AM Paolo Abeni <pabeni@...hat.com> wrote:
>
> On 10/29/25 3:35 PM, Xin Long wrote:
> +/* Create and register new streams for sending. */
> > +static struct quic_stream *quic_stream_send_create(struct quic_stream_table *streams,
> > + s64 max_stream_id, u8 is_serv)
> > +{
> > + struct quic_stream *stream = NULL;
> > + s64 stream_id;
> > +
> > + stream_id = streams->send.next_bidi_stream_id;
> > + if (quic_stream_id_uni(max_stream_id))
> > + stream_id = streams->send.next_uni_stream_id;
> > +
> > + /* rfc9000#section-2.1: A stream ID that is used out of order results in all streams
> > + * of that type with lower-numbered stream IDs also being opened.
> > + */
> > + while (stream_id <= max_stream_id) {
> > + stream = kzalloc(sizeof(*stream), GFP_KERNEL_ACCOUNT);
> > + if (!stream)
> > + return NULL;
> > +
> > + stream->id = stream_id;
> > + if (quic_stream_id_uni(stream_id)) {
> > + stream->send.max_bytes = streams->send.max_stream_data_uni;
> > +
> > + if (streams->send.next_uni_stream_id < stream_id + QUIC_STREAM_ID_STEP)
> > + streams->send.next_uni_stream_id = stream_id + QUIC_STREAM_ID_STEP;
>
> It's unclear to me the goal the above 2 statements. Dealing with id
> wrap-arounds? If 'streams->send.next_uni_stream_id < stream_id +
> QUIC_STREAM_ID_STEP' is not true the next quic_stream_send_create() will
> reuse the same stream_id.
>
> I moving the above in a separate helper with some comments would help.
>
I will add a macro for this:
#define quic_stream_id_next_update(limits, type, id) \
do { \
if ((limits)->next_##type##_stream_id < (id) +
QUIC_STREAM_ID_STEP) \
(limits)->next_##type##_stream_id = (id) +
QUIC_STREAM_ID_STEP; \
(limits)->streams_##type++;
\
} while (0)
So that we can use it to update both next_uni_stream_id and next_bidi_stream_id.
>
> > + streams->send.streams_uni++;
> > +
> > + quic_stream_add(streams, stream);
> > + stream_id += QUIC_STREAM_ID_STEP;
> > + continue;
> > + }
> > +
> > + if (streams->send.next_bidi_stream_id < stream_id + QUIC_STREAM_ID_STEP)
> > + streams->send.next_bidi_stream_id = stream_id + QUIC_STREAM_ID_STEP;
> > + streams->send.streams_bidi++;
> > +
> > + if (quic_stream_id_local(stream_id, is_serv)) {
> > + stream->send.max_bytes = streams->send.max_stream_data_bidi_remote;
> > + stream->recv.max_bytes = streams->recv.max_stream_data_bidi_local;
> > + } else {
> > + stream->send.max_bytes = streams->send.max_stream_data_bidi_local;
> > + stream->recv.max_bytes = streams->recv.max_stream_data_bidi_remote;
> > + }
> > + stream->recv.window = stream->recv.max_bytes;
> > +
> > + quic_stream_add(streams, stream);
> > + stream_id += QUIC_STREAM_ID_STEP;
> > + }
> > + return stream;
> > +}
> > +
> > +/* Create and register new streams for receiving. */
> > +static struct quic_stream *quic_stream_recv_create(struct quic_stream_table *streams,
> > + s64 max_stream_id, u8 is_serv)
> > +{
> > + struct quic_stream *stream = NULL;
> > + s64 stream_id;
> > +
> > + stream_id = streams->recv.next_bidi_stream_id;
> > + if (quic_stream_id_uni(max_stream_id))
> > + stream_id = streams->recv.next_uni_stream_id;
> > +
> > + /* rfc9000#section-2.1: A stream ID that is used out of order results in all streams
> > + * of that type with lower-numbered stream IDs also being opened.
> > + */
> > + while (stream_id <= max_stream_id) {
> > + stream = kzalloc(sizeof(*stream), GFP_ATOMIC | __GFP_ACCOUNT);
> > + if (!stream)
> > + return NULL;
> > +
> > + stream->id = stream_id;
> > + if (quic_stream_id_uni(stream_id)) {
> > + stream->recv.window = streams->recv.max_stream_data_uni;
> > + stream->recv.max_bytes = stream->recv.window;
> > +
> > + if (streams->recv.next_uni_stream_id < stream_id + QUIC_STREAM_ID_STEP)
> > + streams->recv.next_uni_stream_id = stream_id + QUIC_STREAM_ID_STEP;
> > + streams->recv.streams_uni++;
> > +
> > + quic_stream_add(streams, stream);
> > + stream_id += QUIC_STREAM_ID_STEP;
> > + continue;
> > + }
> > +
> > + if (streams->recv.next_bidi_stream_id < stream_id + QUIC_STREAM_ID_STEP)
> > + streams->recv.next_bidi_stream_id = stream_id + QUIC_STREAM_ID_STEP;
> > + streams->recv.streams_bidi++;
> > +
> > + if (quic_stream_id_local(stream_id, is_serv)) {
> > + stream->send.max_bytes = streams->send.max_stream_data_bidi_remote;
> > + stream->recv.max_bytes = streams->recv.max_stream_data_bidi_local;
> > + } else {
> > + stream->send.max_bytes = streams->send.max_stream_data_bidi_local;
> > + stream->recv.max_bytes = streams->recv.max_stream_data_bidi_remote;
> > + }
> > + stream->recv.window = stream->recv.max_bytes;
> > +
> > + quic_stream_add(streams, stream);
> > + stream_id += QUIC_STREAM_ID_STEP;
> > + }
> > + return stream;
> > +}
>
> The above 2 functions has a lot of code in common. I think you could
> deduplicate it by:
> - defining a named type for quic_stream_table.{send,recv}
> - define a generic /() helper using an additonal
> argument for the relevant table.{send,recv}
> - replace the above 2 functions with a single invocation to such helper.
This is a very smart idea!
It will dedup not only quic_stream_recv_create(), but also
quic_stream_get_param() and quic_stream_set_param().
I will define a type named 'struct quic_stream_limits'.
Note that, since we must pass 'bool send' to quic_stream_create() for
setting the fields in a single 'stream' .
if (quic_stream_id_uni(stream_id)) {
if (send) {
stream->send.max_bytes = limits->max_stream_data_uni;
} else {
stream->recv.max_bytes = limits->max_stream_data_uni;
stream->recv.window = stream->recv.max_bytes;
}
I'm planning not to pass additional argument of table.{send,recv},
but do this in quic_stream_create():
struct quic_stream_limits *limits = &streams->send;
gfp_t gfp = GFP_KERNEL_ACCOUNT;
if (!send) {
limits = &streams->recv;
gfp = GFP_ATOMIC | __GFP_ACCOUNT;
}
>
> It looks like there are more de-dup opportunity below.
>
Yes, the difference is only the variable name _uni_ and _bidi_.
I'm planning to de-dup them with macros like:
#define quic_stream_id_below_next(streams, type, id, send) \
((send) ? ((id) < (streams)->send.next_##type##_stream_id) : \
((id) < (streams)->recv.next_##type##_stream_id))
/* Check if a send or receive stream ID is already closed. */
static bool quic_stream_id_closed(struct quic_stream_table *streams,
s64 stream_id, bool send)
{
if (quic_stream_id_uni(stream_id))
return quic_stream_id_below_next(streams, uni, stream_id, send);
return quic_stream_id_below_next(streams, bidi, stream_id, send);
}
#define quic_stream_id_above_max(streams, type, id) \
(((id) > (streams)->send.max_##type##_stream_id) ? true : \
(quic_stream_id_to_streams((id) -
(streams)->send.next_##type##_stream_id) + \
(streams)->send.streams_##type >
(streams)->send.max_streams_##type))
/* Check if a stream ID would exceed local (recv) or peer (send) limits. */
bool quic_stream_id_exceeds(struct quic_stream_table *streams, s64
stream_id, bool send)
{
if (!send) {
if (quic_stream_id_uni(stream_id))
return stream_id > streams->recv.max_uni_stream_id;
return stream_id > streams->recv.max_bidi_stream_id;
}
if (quic_stream_id_uni(stream_id))
return quic_stream_id_above_max(streams, uni, stream_id);
return quic_stream_id_above_max(streams, bidi, stream_id);
}
Do you think it's worth it?
> > +
> > +/* Check if a send or receive stream ID is already closed. */
> > +static bool quic_stream_id_closed(struct quic_stream_table *streams, s64 stream_id, bool send)
> > +{
> > + if (quic_stream_id_uni(stream_id)) {
> > + if (send)
> > + return stream_id < streams->send.next_uni_stream_id;
> > + return stream_id < streams->recv.next_uni_stream_id;
> > + }
> > + if (send)
> > + return stream_id < streams->send.next_bidi_stream_id;
> > + return stream_id < streams->recv.next_bidi_stream_id;
> > +}
> > +
> > +/* Check if a stream ID would exceed local (recv) or peer (send) limits. */
> > +bool quic_stream_id_exceeds(struct quic_stream_table *streams, s64 stream_id, bool send)
> > +{
> > + u64 nstreams;
> > +
> > + if (!send) {
> > + if (quic_stream_id_uni(stream_id))
> > + return stream_id > streams->recv.max_uni_stream_id;
> > + return stream_id > streams->recv.max_bidi_stream_id;
> > + }
> > +
> > + if (quic_stream_id_uni(stream_id)) {
> > + if (stream_id > streams->send.max_uni_stream_id)
> > + return true;
> > + stream_id -= streams->send.next_uni_stream_id;
> > + nstreams = quic_stream_id_to_streams(stream_id);
> > + return nstreams + streams->send.streams_uni > streams->send.max_streams_uni;
> > + }
> > +
> > + if (stream_id > streams->send.max_bidi_stream_id)
> > + return true;
> > + stream_id -= streams->send.next_bidi_stream_id;
> > + nstreams = quic_stream_id_to_streams(stream_id);
> > + return nstreams + streams->send.streams_bidi > streams->send.max_streams_bidi;
> > +}
> > +
> > +/* Get or create a send stream by ID. */
> > +struct quic_stream *quic_stream_send_get(struct quic_stream_table *streams, s64 stream_id,
> > + u32 flags, bool is_serv)
> > +{
> > + struct quic_stream *stream;
> > +
> > + if (!quic_stream_id_valid(stream_id, is_serv, true))
> > + return ERR_PTR(-EINVAL);
> > +
> > + stream = quic_stream_find(streams, stream_id);
> > + if (stream) {
>
> You should add some comments and possibly lockdep annotation/static
> check about the expected locking for the whole stream lifecycle.
>
sk is not seen in this file, so I will add some comments to describe this
will also be called under the sock lock.
Thanks.
Powered by blists - more mailing lists