From: annie li <annie.li@oracle.com>
To: Wei Liu <wei.liu2@citrix.com>
Cc: netdev@vger.kernel.org, xen-devel@lists.xen.org,
konrad.wilk@oracle.com, jbeulich@suse.com,
ian.campbell@citrix.com, wdauchy@gmail.com,
david.vrabel@citrix.com
Subject: Re: [PATCH V5 6/7] xen-netback: coalesce slots in TX path and fix regressions
Date: Sun, 21 Apr 2013 18:06:10 -0400 [thread overview]
Message-ID: <517462D2.8040209@oracle.com> (raw)
In-Reply-To: <1366045581-31349-7-git-send-email-wei.liu2@citrix.com>
On 2013-4-15 13:06, Wei Liu wrote:
>
> static int netbk_count_requests(struct xenvif *vif,
> struct xen_netif_tx_request *first,
> + RING_IDX first_idx,
> struct xen_netif_tx_request *txp,
> int work_to_do)
> {
> RING_IDX cons = vif->tx.req_cons;
> - int frags = 0;
> + int slots = 0;
> + int drop_err = 0;
>
> if (!(first->flags & XEN_NETTXF_more_data))
> return 0;
>
> do {
> - if (frags >= work_to_do) {
> - netdev_err(vif->dev, "Need more frags\n");
> + if (slots >= work_to_do) {
> + netdev_err(vif->dev,
> + "Asked for %d slots but exceeds this limit\n",
> + work_to_do);
> netbk_fatal_tx_err(vif);
> return -ENODATA;
> }
>
> - if (unlikely(frags >= MAX_SKB_FRAGS)) {
> - netdev_err(vif->dev, "Too many frags\n");
> + /* This guest is really using too many slots and
> + * considered malicious.
> + */
> + if (unlikely(slots >= max_skb_slots)) {
> + netdev_err(vif->dev,
> + "Malicious frontend using %d slots, threshold %u\n",
> + slots, max_skb_slots);
> netbk_fatal_tx_err(vif);
> return -E2BIG;
It is possible that vif is freed when packet size is less than 64K here
but slots required >= max_skb_slots. Alough max_skb_slots can be
configured, this kind of packets would be dropped in following if
(!drop_err && slots >= XEN_NETIF_NR_SLOTS_MIN).
> }
>
> - memcpy(txp, RING_GET_REQUEST(&vif->tx, cons + frags),
> + /* Xen network protocol had implicit dependency on
> + * MAX_SKB_FRAGS. XEN_NETIF_NR_SLOTS_MIN is set to the
> + * historical MAX_SKB_FRAGS value 18 to honor the same
> + * behavior as before. Any packet using more than 18
> + * slots but less than max_skb_slots slots is dropped
> + */
> + if (!drop_err && slots >= XEN_NETIF_NR_SLOTS_MIN) {
> + if (net_ratelimit())
> + netdev_dbg(vif->dev,
> + "Too many slots (%d) exceeding limit (%d), dropping packet\n",
> + slots, XEN_NETIF_NR_SLOTS_MIN);
> + drop_err = -E2BIG;
It is possible to drop packets like above(size < 64K && slot >=
XEN_NETIF_NR_SLOTS_MIN). I do not know how frequently this kind of
packets appear, maybe some SKBs with compound page(size < 64K && slot >=
XEN_NETIF_NR_SLOTS_MIN) are dropped here?
Thanks
Annie
next prev parent reply other threads:[~2013-04-21 22:06 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-15 17:06 [PATCH V5 0/7] Bundle fixes for Xen netfront /netback Wei Liu
2013-04-15 17:06 ` [PATCH V5 1/7] xen-netfront: remove unused variable `extra' Wei Liu
2013-04-15 17:06 ` [PATCH V5 2/7] xen-netfront: frags -> slots in xennet_get_responses Wei Liu
2013-04-15 17:06 ` [PATCH V5 3/7] xen-netback: remove skb in xen_netbk_alloc_page Wei Liu
2013-04-15 17:06 ` [PATCH V5 4/7] xen-netfront: frags -> slots in log message Wei Liu
2013-04-17 13:48 ` Ian Campbell
2013-04-15 17:06 ` [PATCH V5 5/7] xen-netfront: reduce gso_max_size to account for max TCP header Wei Liu
2013-04-17 13:51 ` Ian Campbell
2013-04-15 17:06 ` [PATCH V5 6/7] xen-netback: coalesce slots in TX path and fix regressions Wei Liu
2013-04-17 13:53 ` Ian Campbell
2013-04-21 22:06 ` annie li [this message]
2013-04-22 9:28 ` Wei Liu
2013-04-30 18:06 ` [Xen-devel] " annie li
2013-05-01 9:22 ` Wei Liu
2013-04-15 17:06 ` [PATCH V5 7/7] xen-netback: don't disconnect frontend when seeing oversize packet Wei Liu
2013-04-15 17:38 ` [PATCH V5 0/7] Bundle fixes for Xen netfront /netback David Miller
2013-04-17 13:49 ` Ian Campbell
2013-04-17 17:05 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=517462D2.8040209@oracle.com \
--to=annie.li@oracle.com \
--cc=david.vrabel@citrix.com \
--cc=ian.campbell@citrix.com \
--cc=jbeulich@suse.com \
--cc=konrad.wilk@oracle.com \
--cc=netdev@vger.kernel.org \
--cc=wdauchy@gmail.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).