From: Davide Caratti <dcaratti@redhat.com>
To: Jakub Kicinski <jakub.kicinski@netronome.com>,
Eric Dumazet <eric.dumazet@gmail.com>
Cc: Boris Pismenny <borisp@mellanox.com>,
John Fastabend <john.fastabend@gmail.com>,
Dave Watson <davejwatson@fb.com>,
Aviad Yehezkel <aviadye@mellanox.com>,
"David S. Miller" <davem@davemloft.net>,
netdev@vger.kernel.org
Subject: Re: [PATCH net-next 2/3] tcp: ulp: add functions to dump ulp-specific information
Date: Mon, 19 Aug 2019 15:32:09 +0200 [thread overview]
Message-ID: <b765aa08456ef258615a46e7ff106703a240ddb5.camel@redhat.com> (raw)
In-Reply-To: <20190815143810.3a190c81@cakuba.netronome.com>
On Thu, 2019-08-15 at 14:38 -0700, Jakub Kicinski wrote:
> On Thu, 15 Aug 2019 20:46:01 +0200, Eric Dumazet wrote:
hello Eric and Jakub, thanks a lot for looking at this.
> > On 8/15/19 6:00 PM, Davide Caratti wrote:
> >
> > >
> > > + if (net_admin) {
> > > + const struct tcp_ulp_ops *ulp_ops;
> > > +
> > > + rcu_read_lock();
> > > + ulp_ops = icsk->icsk_ulp_ops;
> > > + if (ulp_ops)
> > > + err = tcp_diag_put_ulp(skb, sk, ulp_ops);
> > > + rcu_read_unlock();
> > > + if (err)
> > > + return err;
> > > + }
> > > return 0;
> >
> > Why is rcu_read_lock() and rcu_read_unlock() used at all ?
> >
> > icsk->icsk_ulp_ops does not seem to be rcu protected ?
> >
> > If this was, then an rcu_dereference() would be appropriate.
>
> Indeed it's ulp_data not ulp_ops that are protected.
the goal is to protect execution of 'ss -tni' against concurrent removal
of tls.ko module, similarly to what was done in inet_sk_diag_fill() when
INET_DIAG_CONG is requested [1]. But after reading more carefully, the
assignment of ulp_ops needs to be:
ulp_ops = READ_ONCE(icsk->icsk_ulp_ops);
which I lost in internal reviews, with some additional explanatory
comment. Ok if I correct the above hunk with READ_ONCE() and add a
comment?
> Davide, perhaps we could push the RCU lock into tls_get_info(), after all?
It depends on whether concurrent dump / module removal is an issue for TCP
ULPs, like it was for congestion control schemes [1]. Any advice?
> And tls_context has to use rcu_deference there, as Eric points out,
> plus we should probably NULL-check it.
yes, it makes sense, for patch 3/3, in the assignment of 'ctx'. Instead of
calling tls_get_ctx() in tls_get_info() I will do
ctx = rcu_dereference(inet_csk(sk)->icsk_ulp_data);
and let it return 0 in case of NULL ctx (as it doesn't look like a faulty
situation). Ok?
--
davide
[1] see:
commit 521f1cf1dbb9d5ad858dca5dc75d1b45f64b6589
Author: Eric Dumazet <edumazet@google.com>
Date: Thu Apr 16 18:10:35 2015 -0700
inet_diag: fix access to tcp cc information
next prev parent reply other threads:[~2019-08-19 13:32 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-15 16:00 [PATCH net-next 0/3] net: tls: add socket diag Davide Caratti
2019-08-15 16:00 ` [PATCH net-next 1/3] net/tls: use RCU protection on icsk->icsk_ulp_data Davide Caratti
2019-08-15 21:32 ` Jakub Kicinski
2019-08-19 13:23 ` Davide Caratti
2019-08-15 16:00 ` [PATCH net-next 2/3] tcp: ulp: add functions to dump ulp-specific information Davide Caratti
2019-08-15 18:46 ` Eric Dumazet
2019-08-15 21:38 ` Jakub Kicinski
2019-08-19 13:32 ` Davide Caratti [this message]
2019-08-19 20:40 ` Jakub Kicinski
2019-08-15 16:00 ` [PATCH net-next 3/3] net: tls: export protocol version, cipher, tx_conf/rx_conf to socket diag Davide Caratti
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b765aa08456ef258615a46e7ff106703a240ddb5.camel@redhat.com \
--to=dcaratti@redhat.com \
--cc=aviadye@mellanox.com \
--cc=borisp@mellanox.com \
--cc=davejwatson@fb.com \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=jakub.kicinski@netronome.com \
--cc=john.fastabend@gmail.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).