Re: virtio_net: suspicious RCU usage with xdp

[Jesper Dangaard Brouer <brouer@redhat.com>]

On Fri, 26 Apr 2019 16:00:28 +0800
Jason Wang <jasowang@redhat.com> wrote:

> On 2019/4/26 上午1:41, Jesper Dangaard Brouer wrote:
> > It does sound like my commit 5d053f9da431 ("bpf: devmap prepare xdp
> > frames for bulking") introduced this issue.  I guess we can add the RCU
> > section to xdp_do_flush_map(), and then also verify that the devmap
> > (and cpumap) take-down code also have appropriate RCU sections (which
> > they should have).
> >
> > Another requirement for calling .ndo_xdp_xmit is running under NAPI
> > protection,  
> 
> 
> May I know the reason for this? I'm asking since if the packet was 
> redirected from tuntap, ndo_xdp_xmit()  won't be called under the 
> protection of NAPI (but bh is disabled).

There are a number of things that rely on this NAPI/softirq protection.

One is preempt-free access per-cpu struct bpf_redirect_info. Which is
at the core of the XDP and TC redirect feature.

  DEFINE_PER_CPU(struct bpf_redirect_info, bpf_redirect_info);
  EXPORT_PER_CPU_SYMBOL_GPL(bpf_redirect_info);
  struct bpf_redirect_info *ri = this_cpu_ptr(&bpf_redirect_info);

And devmap and cpumap also have per-cpu variables, that we don't use
preempt-disable around.

Another is xdp_return_frame_rx_napi() that when page_pool is active,
can store frames to be recycled directly into an array, in function
__page_pool_recycle_direct() (but as I don't trust every driver getting
this correct I've added a safe-guard in page-pool via
in_serving_softirq().

I guess, disable_bh is sufficient protection, as we are mostly
optimizing away a preempt-disable when accessing per-cpu variables.

-- 
Best regards,
  Jesper Dangaard Brouer
  MSc.CS, Principal Kernel Engineer at Red Hat
  LinkedIn: http://www.linkedin.com/in/brouer