All of lore.kernel.org
 help / color / mirror / Atom feed
From: Guillaume Nault <gnault@redhat.com>
To: Eric Dumazet <edumazet@google.com>
Cc: "Benjamin Coddington" <bcodding@redhat.com>,
	"Jakub Kicinski" <kuba@kernel.org>,
	"Paolo Abeni" <pabeni@redhat.com>,
	"David S. Miller" <davem@davemloft.net>,
	"Philipp Reisner" <philipp.reisner@linbit.com>,
	"Lars Ellenberg" <lars.ellenberg@linbit.com>,
	"Christoph Böhmwalder" <christoph.boehmwalder@linbit.com>,
	"Jens Axboe" <axboe@kernel.dk>,
	"Josef Bacik" <josef@toxicpanda.com>,
	"Keith Busch" <kbusch@kernel.org>,
	"Christoph Hellwig" <hch@lst.de>,
	"Sagi Grimberg" <sagi@grimberg.me>,
	"Lee Duncan" <lduncan@suse.com>,
	"Chris Leech" <cleech@redhat.com>,
	"Mike Christie" <michael.christie@oracle.com>,
	"James E.J. Bottomley" <jejb@linux.ibm.com>,
	"Martin K. Petersen" <martin.petersen@oracle.com>,
	"Valentina Manea" <valentina.manea.m@gmail.com>,
	"Shuah Khan" <shuah@kernel.org>,
	"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
	"David Howells" <dhowells@redhat.com>,
	"Marc Dionne" <marc.dionne@auristor.com>,
	"Steve French" <sfrench@samba.org>,
	"Christine Caulfield" <ccaulfie@redhat.com>,
	"David Teigland" <teigland@redhat.com>,
	"Mark Fasheh" <mark@fasheh.com>,
	"Joel Becker" <jlbec@evilplan.org>,
	"Joseph Qi" <joseph.qi@linux.alibaba.com>,
	"Eric Van Hensbergen" <ericvh@gmail.com>,
	"Latchesar Ionkov" <lucho@ionkov.net>,
	"Dominique Martinet" <asmadeus@codewreck.org>,
	"Ilya Dryomov" <idryomov@gmail.com>,
	"Xiubo Li" <xiubli@redhat.com>,
	"Chuck Lever" <chuck.lever@oracle.com>,
	"Jeff Layton" <jlayton@kernel.org>,
	"Trond Myklebust" <trond.myklebust@hammerspace.com>,
	"Anna Schumaker" <anna@kernel.org>,
	"Steffen Klassert" <steffen.klassert@secunet.com>,
	"Herbert Xu" <herbert@gondor.apana.org.au>,
	netdev@vger.kernel.org
Subject: Re: [PATCH net v4 2/3] Treewide: Stop corrupting socket's task_frag
Date: Tue, 3 Jan 2023 16:14:17 +0100	[thread overview]
Message-ID: <Y7RGSbWX0L4EoA8W@debian> (raw)
In-Reply-To: <CANn89iKik8uMO6=ztufPwYdg1qRPsxToz0Nu-uaZWkE63bKSUQ@mail.gmail.com>

On Tue, Jan 03, 2023 at 03:26:27PM +0100, Eric Dumazet wrote:
> On Fri, Dec 16, 2022 at 1:45 PM Benjamin Coddington <bcodding@redhat.com> wrote:
> >
> > Since moving to memalloc_nofs_save/restore, SUNRPC has stopped setting the
> > GFP_NOIO flag on sk_allocation which the networking system uses to decide
> > when it is safe to use current->task_frag.  The results of this are
> > unexpected corruption in task_frag when SUNRPC is involved in memory
> > reclaim.
> >
> > The corruption can be seen in crashes, but the root cause is often
> > difficult to ascertain as a crashing machine's stack trace will have no
> > evidence of being near NFS or SUNRPC code.  I believe this problem to
> > be much more pervasive than reports to the community may indicate.
> >
> > Fix this by having kernel users of sockets that may corrupt task_frag due
> > to reclaim set sk_use_task_frag = false.  Preemptively correcting this
> > situation for users that still set sk_allocation allows them to convert to
> > memalloc_nofs_save/restore without the same unexpected corruptions that are
> > sure to follow, unlikely to show up in testing, and difficult to bisect.
> >
> 
> I am back from PTO.
> 
> It seems inet_ctl_sock_create() has been forgotten.
> 
> Without following fix, ICMP messages sent from softirq would corrupt
> innocent thread task_frag.

I didn't consider setting ->sk_use_task_frag on ICMP sockets as my
understanding was that only TCP and ip_append_data() could eventually
call sk_page_frag(). Therefore, I didn't see how ICMP sockets could be
affected. Did I miss something?

> (I will submit this patch formally a bit later today)
> 
> diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
> index ab4a06be489b5d410cec603bf56248d31dbc90dd..6c0ec27899431eb56e2f9d0c3a936b77f44ccaca
> 100644
> --- a/net/ipv4/af_inet.c
> +++ b/net/ipv4/af_inet.c
> @@ -1665,6 +1665,7 @@ int inet_ctl_sock_create(struct sock **sk,
> unsigned short family,
>         if (rc == 0) {
>                 *sk = sock->sk;
>                 (*sk)->sk_allocation = GFP_ATOMIC;
> +               (*sk)->sk_use_task_frag = false;
>                 /*
>                  * Unhash it so that IP input processing does not even see it,
>                  * we do not wish this socket to see incoming packets.
> 


  reply	other threads:[~2023-01-03 15:15 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-16 12:45 [PATCH net v4 0/3] Stop corrupting socket's task_frag Benjamin Coddington
2022-12-16 12:45 ` [PATCH net v4 1/3] net: Introduce sk_use_task_frag in struct sock Benjamin Coddington
2022-12-16 12:45 ` [PATCH net v4 2/3] Treewide: Stop corrupting socket's task_frag Benjamin Coddington
2023-01-03 14:26   ` Eric Dumazet
2023-01-03 15:14     ` Guillaume Nault [this message]
2023-01-03 16:10       ` Eric Dumazet
2023-01-03 22:37         ` Guillaume Nault
2022-12-16 12:45 ` [PATCH net v4 3/3] net: simplify sk_page_frag Benjamin Coddington
2022-12-20  2:00 ` [PATCH net v4 0/3] Stop corrupting socket's task_frag patchwork-bot+netdevbpf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Y7RGSbWX0L4EoA8W@debian \
    --to=gnault@redhat.com \
    --cc=anna@kernel.org \
    --cc=asmadeus@codewreck.org \
    --cc=axboe@kernel.dk \
    --cc=bcodding@redhat.com \
    --cc=ccaulfie@redhat.com \
    --cc=christoph.boehmwalder@linbit.com \
    --cc=chuck.lever@oracle.com \
    --cc=cleech@redhat.com \
    --cc=davem@davemloft.net \
    --cc=dhowells@redhat.com \
    --cc=edumazet@google.com \
    --cc=ericvh@gmail.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=hch@lst.de \
    --cc=herbert@gondor.apana.org.au \
    --cc=idryomov@gmail.com \
    --cc=jejb@linux.ibm.com \
    --cc=jlayton@kernel.org \
    --cc=jlbec@evilplan.org \
    --cc=josef@toxicpanda.com \
    --cc=joseph.qi@linux.alibaba.com \
    --cc=kbusch@kernel.org \
    --cc=kuba@kernel.org \
    --cc=lars.ellenberg@linbit.com \
    --cc=lduncan@suse.com \
    --cc=lucho@ionkov.net \
    --cc=marc.dionne@auristor.com \
    --cc=mark@fasheh.com \
    --cc=martin.petersen@oracle.com \
    --cc=michael.christie@oracle.com \
    --cc=netdev@vger.kernel.org \
    --cc=pabeni@redhat.com \
    --cc=philipp.reisner@linbit.com \
    --cc=sagi@grimberg.me \
    --cc=sfrench@samba.org \
    --cc=shuah@kernel.org \
    --cc=steffen.klassert@secunet.com \
    --cc=teigland@redhat.com \
    --cc=trond.myklebust@hammerspace.com \
    --cc=valentina.manea.m@gmail.com \
    --cc=xiubli@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.