From: Fan Du <fan.du@windriver.com>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: 王聪 <xiyou.wangcong@gmail.com>,
steffen.klassert@secunet.com, davem@davemloft.net,
netdev@vger.kernel.org
Subject: [PATCHv3 net-next] xfrm: Namespacify xfrm_policy_sk_bundles
Date: Thu, 19 Dec 2013 11:17:39 +0800 [thread overview]
Message-ID: <52B26553.9070103@windriver.com> (raw)
In-Reply-To: <1387419308.19078.343.camel@edumazet-glaptop2.roam.corp.google.com>
On 2013年12月19日 10:15, Eric Dumazet wrote:
>> I think an analogy of llist_add_batch for the updating part will be ok for this:
>> >
>> > struct dst_entry *first;
>> > do {
>> > xdst->u.dst.next = first = ACCESS_ONCE(xfrm_policy_sk_bundles);
>> > } while (cmpxchg(&xfrm_policy_sk_bundles, first,&xdst->u.dst) != first);
>> >
>> >
>> > And the deleting part:
>> >
>> > head = xchg(&net->xfrm.xfrm_policy_sk_bundles, NULL);
>> >
>> >
> The point is to_use_ the helpers, so that code review is easy.
>
> llist.h is safe, it was extensively discussed and adopted.
>
> If you want to get rid of the spinlock, then use llist_del_all() for the
> deleting, and llist_add() for the addition.
>
> Really, its that simple.
Ok, I will use common api suggested by you, then locks is gone at the cost
of xfrm_dst growing up a bit, sizeof(struct llist_node).
From b4c5fc86861abd98866111a7b1b51dc13d546a0c Mon Sep 17 00:00:00 2001
From: Fan Du <fan.du@windriver.com>
Date: Thu, 19 Dec 2013 11:03:20 +0800
Subject: [PATCHv3 net-next] xfrm: Namespacify xfrm_policy_sk_bundles
xfrm_policy_sk_bundles, protected by net->xfrm.xfrm_policy_sk_bundle_lock
should be put into netns xfrm structure, otherwise xfrm_policy_sk_bundles
can be corrupted from different net namespace.
Moreover current xfrm_policy_sk_bundle_lock used in below two scenarios:
1. xfrm_lookup(Process context) vs __xfrm_garbage_collect(softirq context)
2. xfrm_lookup(Process context) vs __xfrm_garbage_collect(Process context
when SPD change or dev down)
We can use lock less list to cater to those two scenarios as suggested by
Eric Dumazet.
Signed-off-by: Fan Du <fan.du@windriver.com>
Assisted-by: Eric Dumazet <edumazet@google.com>
---
v2:
Fix incorrect commit log.
v3:
Drop xchg, use llist instead, adviced by Eric Dumazet.
Build test only.
---
include/net/netns/xfrm.h | 2 +-
include/net/xfrm.h | 1 +
net/xfrm/xfrm_policy.c | 26 ++++++--------------------
3 files changed, 8 insertions(+), 21 deletions(-)
diff --git a/include/net/netns/xfrm.h b/include/net/netns/xfrm.h
index 1006a26..22f4f90 100644
--- a/include/net/netns/xfrm.h
+++ b/include/net/netns/xfrm.h
@@ -58,9 +58,9 @@ struct netns_xfrm {
struct dst_ops xfrm6_dst_ops;
#endif
spinlock_t xfrm_state_lock;
- spinlock_t xfrm_policy_sk_bundle_lock;
rwlock_t xfrm_policy_lock;
struct mutex xfrm_cfg_mutex;
+ struct llist_head xp_sk_bundles_list;
};
#endif
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 59f5d0a..05296ab 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -957,6 +957,7 @@ struct xfrm_dst {
u32 child_mtu_cached;
u32 route_cookie;
u32 path_cookie;
+ struct llist_node xdst_llist;
};
#ifdef CONFIG_XFRM
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index a7487f3..fb286af 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -39,8 +39,6 @@
#define XFRM_QUEUE_TMO_MAX ((unsigned)(60*HZ))
#define XFRM_MAX_QUEUE_LEN 100
-static struct dst_entry *xfrm_policy_sk_bundles;
-
static DEFINE_SPINLOCK(xfrm_policy_afinfo_lock);
static struct xfrm_policy_afinfo __rcu *xfrm_policy_afinfo[NPROTO]
__read_mostly;
@@ -2108,12 +2106,7 @@ struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
}
dst_hold(&xdst->u.dst);
-
- spin_lock_bh(&net->xfrm.xfrm_policy_sk_bundle_lock);
- xdst->u.dst.next = xfrm_policy_sk_bundles;
- xfrm_policy_sk_bundles = &xdst->u.dst;
- spin_unlock_bh(&net->xfrm.xfrm_policy_sk_bundle_lock);
-
+ llist_add(&xdst->xdst_llist, &net->xfrm.xp_sk_bundles_list);
route = xdst->route;
}
}
@@ -2549,18 +2542,12 @@ static struct dst_entry *xfrm_negative_advice(struct dst_entry *dst)
static void __xfrm_garbage_collect(struct net *net)
{
- struct dst_entry *head, *next;
-
- spin_lock_bh(&net->xfrm.xfrm_policy_sk_bundle_lock);
- head = xfrm_policy_sk_bundles;
- xfrm_policy_sk_bundles = NULL;
- spin_unlock_bh(&net->xfrm.xfrm_policy_sk_bundle_lock);
+ struct llist_node *head;
+ struct xfrm_dst *xdst;
- while (head) {
- next = head->next;
- dst_free(head);
- head = next;
- }
+ head = llist_del_all(&net->xfrm.xp_sk_bundles_list);
+ llist_for_each_entry(xdst, head, xdst_llist)
+ dst_free(&xdst->u.dst);
}
void xfrm_garbage_collect(struct net *net)
@@ -2942,7 +2929,6 @@ static int __net_init xfrm_net_init(struct net *net)
/* Initialize the per-net locks here */
spin_lock_init(&net->xfrm.xfrm_state_lock);
rwlock_init(&net->xfrm.xfrm_policy_lock);
- spin_lock_init(&net->xfrm.xfrm_policy_sk_bundle_lock);
mutex_init(&net->xfrm.xfrm_cfg_mutex);
return 0;
--
1.7.9.5
--
浮沉随浪只记今朝笑
--fan
next prev parent reply other threads:[~2013-12-19 3:17 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-18 3:34 [PATCHv2 ipsec-next] xfrm: Namespacify xfrm_policy_sk_bundles Fan Du
2013-12-18 4:50 ` Eric Dumazet
2013-12-18 5:33 ` Cong Wang
2013-12-18 5:33 ` Fan Du
2013-12-18 5:44 ` Eric Dumazet
2013-12-19 1:35 ` Fan Du
2013-12-19 2:15 ` Eric Dumazet
2013-12-19 3:17 ` Fan Du [this message]
2013-12-19 3:44 ` [PATCHv3 net-next] " Eric Dumazet
2013-12-19 7:47 ` Fan Du
2013-12-20 3:34 ` [PATCHv4 " Fan Du
2013-12-24 1:12 ` Fan Du
2013-12-24 5:31 ` David Miller
2013-12-24 5:39 ` Fan Du
2013-12-24 9:50 ` Steffen Klassert
2013-12-24 9:56 ` Fan Du
2013-12-24 17:54 ` David Miller
2013-12-24 10:35 ` Steffen Klassert
2013-12-25 6:40 ` Fan Du
2013-12-25 8:11 ` Timo Teras
2013-12-25 8:44 ` Fan Du
2014-01-06 10:35 ` Steffen Klassert
2014-01-07 2:43 ` Fan Du
2014-01-09 12:38 ` Steffen Klassert
2014-01-10 9:23 ` Fan Du
2013-12-19 3:48 ` [PATCHv3 " Eric Dumazet
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52B26553.9070103@windriver.com \
--to=fan.du@windriver.com \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=steffen.klassert@secunet.com \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.