License cleanup: add SPDX GPL-2.0 license identifier to files with no license
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.
By default all files without license information are under the default
license of the kernel, which is GPL version 2.
Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier. The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.
This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.
How this work was done:
Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
- file had no licensing information it it.
- file was a */uapi/* one with no licensing information in it,
- file was a */uapi/* one with existing licensing information,
Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.
The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from of the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne. Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.
The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed. Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.
Criteria used to select files for SPDX license identifier tagging was:
- Files considered eligible had to be source code files.
- Make and config files were included as candidates if they contained >5
lines of source
- File already had some variant of a license header in it (even if <5
lines).
All documentation files were explicitly excluded.
The following heuristics were used to determine which SPDX license
identifiers to apply.
- when both scanners couldn't find any license traces, file was
considered to have no license information in it, and the top level
COPYING file license applied.
For non */uapi/* files that summary was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 11139
and resulted in the first patch in this series.
If that file was a */uapi/* path one, it was "GPL-2.0 WITH
Linux-syscall-note" otherwise it was "GPL-2.0". Results of that was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 WITH Linux-syscall-note 930
and resulted in the second patch in this series.
- if a file had some form of licensing information in it, and was one
of the */uapi/* ones, it was denoted with the Linux-syscall-note if
any GPL family license was found in the file or had no licensing in
it (per prior point). Results summary:
SPDX license identifier # files
---------------------------------------------------|------
GPL-2.0 WITH Linux-syscall-note 270
GPL-2.0+ WITH Linux-syscall-note 169
((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) 21
((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 17
LGPL-2.1+ WITH Linux-syscall-note 15
GPL-1.0+ WITH Linux-syscall-note 14
((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause) 5
LGPL-2.0+ WITH Linux-syscall-note 4
LGPL-2.1 WITH Linux-syscall-note 3
((GPL-2.0 WITH Linux-syscall-note) OR MIT) 3
((GPL-2.0 WITH Linux-syscall-note) AND MIT) 1
and that resulted in the third patch in this series.
- when the two scanners agreed on the detected license(s), that became
the concluded license(s).
- when there was disagreement between the two scanners (one detected a
license but the other didn't, or they both detected different
licenses) a manual inspection of the file occurred.
- In most cases a manual inspection of the information in the file
resulted in a clear resolution of the license that should apply (and
which scanner probably needed to revisit its heuristics).
- When it was not immediately clear, the license identifier was
confirmed with lawyers working with the Linux Foundation.
- If there was any question as to the appropriate license identifier,
the file was flagged for further research and to be revisited later
in time.
In total, over 70 hours of logged manual review was done on the
spreadsheet to determine the SPDX license identifiers to apply to the
source files by Kate, Philippe, Thomas and, in some cases, confirmation
by lawyers working with the Linux Foundation.
Kate also obtained a third independent scan of the 4.13 code base from
FOSSology, and compared selected files where the other two scanners
disagreed against that SPDX file, to see if there was new insights. The
Windriver scanner is based on an older version of FOSSology in part, so
they are related.
Thomas did random spot checks in about 500 files from the spreadsheets
for the uapi headers and agreed with SPDX license identifier in the
files he inspected. For the non-uapi files Thomas did random spot checks
in about 15000 files.
In initial set of patches against 4.14-rc6, 3 files were found to have
copy/paste license identifier errors, and have been fixed to reflect the
correct identifier.
Additionally Philippe spent 10 hours this week doing a detailed manual
inspection and review of the 12,461 patched files from the initial patch
version early this week with:
- a full scancode scan run, collecting the matched texts, detected
license ids and scores
- reviewing anything where there was a license detected (about 500+
files) to ensure that the applied SPDX license was correct
- reviewing anything where there was no detection but the patch license
was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied
SPDX license was correct
This produced a worksheet with 20 files needing minor correction. This
worksheet was then exported into 3 different .csv files for the
different types of files to be modified.
These .csv files were then reviewed by Greg. Thomas wrote a script to
parse the csv files and add the proper SPDX tag to the file, in the
format that the file expected. This script was further refined by Greg
based on the output to detect more types of files automatically and to
distinguish between header and source .c files (which need different
comment types.) Finally Greg ran the script using the .csv files to
generate the patches.
Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Reviewed-by: Philippe Ombredanne <pombredanne@nexb.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-01 15:07:57 +01:00
/* SPDX-License-Identifier: GPL-2.0 */
2005-04-16 15:20:36 -07:00
/*
* net / dst . h Protocol independent destination cache definitions .
*
* Authors : Alexey Kuznetsov , < kuznet @ ms2 . inr . ac . ru >
*
*/
# ifndef _NET_DST_H
# define _NET_DST_H
2009-08-29 01:34:49 +00:00
# include <net/dst_ops.h>
2005-12-27 02:43:12 -02:00
# include <linux/netdevice.h>
2005-04-16 15:20:36 -07:00
# include <linux/rtnetlink.h>
# include <linux/rcupdate.h>
2011-11-23 20:12:59 -05:00
# include <linux/bug.h>
2005-04-16 15:20:36 -07:00
# include <linux/jiffies.h>
2017-08-18 12:08:07 -07:00
# include <linux/refcount.h>
2005-04-16 15:20:36 -07:00
# include <net/neighbour.h>
# include <asm/processor.h>
# define DST_GC_MIN (HZ / 10)
# define DST_GC_INC (HZ / 2)
# define DST_GC_MAX (120*HZ)
/* Each dst_entry has reference count and sits in some parent list(s).
* When it is removed from parent list , it is " freed " ( dst_free ) .
* After this it enters dead state ( dst - > obsolete > 0 ) and if its refcnt
* is zero , it can be destroyed immediately , otherwise it is added
* to gc list and garbage collector periodically checks the refcnt .
*/
struct sk_buff ;
2009-11-03 03:26:03 +00:00
struct dst_entry {
2017-05-17 19:31:39 +03:00
struct net_device * dev ;
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
struct dst_ops * ops ;
unsigned long _metrics ;
ipv6: fix race condition regarding dst->expires and dst->from.
Eric Dumazet wrote:
| Some strange crashes happen in rt6_check_expired(), with access
| to random addresses.
|
| At first glance, it looks like the RTF_EXPIRES and
| stuff added in commit 1716a96101c49186b
| (ipv6: fix problem with expired dst cache)
| are racy : same dst could be manipulated at the same time
| on different cpus.
|
| At some point, our stack believes rt->dst.from contains a dst pointer,
| while its really a jiffie value (as rt->dst.expires shares the same area
| of memory)
|
| rt6_update_expires() should be fixed, or am I missing something ?
|
| CC Neil because of https://bugzilla.redhat.com/show_bug.cgi?id=892060
Because we do not have any locks for dst_entry, we cannot change
essential structure in the entry; e.g., we cannot change reference
to other entity.
To fix this issue, split 'from' and 'expires' field in dst_entry
out of union. Once it is 'from' is assigned in the constructor,
keep the reference until the very last stage of the life time of
the object.
Of course, it is unsafe to change 'from', so make rt6_set_from simple
just for fresh entries.
Reported-by: Eric Dumazet <eric.dumazet@gmail.com>
Reported-by: Neil Horman <nhorman@tuxdriver.com>
CC: Gao Feng <gaofeng@cn.fujitsu.com>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Reported-by: Steinar H. Gunderson <sesse@google.com>
Reviewed-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-02-20 00:29:08 +00:00
unsigned long expires ;
2008-10-28 13:24:06 -07:00
# ifdef CONFIG_XFRM
2005-04-16 15:20:36 -07:00
struct xfrm_state * xfrm ;
2008-11-16 19:46:36 -08:00
# else
void * __pad1 ;
2008-10-28 13:24:06 -07:00
# endif
2012-06-16 15:14:49 +02:00
int ( * input ) ( struct sk_buff * ) ;
2015-10-07 16:48:47 -05:00
int ( * output ) ( struct net * net , struct sock * sk , struct sk_buff * skb ) ;
2005-04-16 15:20:36 -07:00
2012-07-02 02:21:03 -07:00
unsigned short flags ;
2011-07-14 07:53:20 -07:00
# define DST_HOST 0x0001
# define DST_NOXFRM 0x0002
# define DST_NOPOLICY 0x0004
2017-06-17 10:42:43 -07:00
# define DST_NOCOUNT 0x0008
# define DST_FAKE_RTABLE 0x0010
# define DST_XFRM_TUNNEL 0x0020
# define DST_XFRM_QUEUE 0x0040
# define DST_METADATA 0x0080
2011-07-14 07:53:20 -07:00
2012-07-19 12:31:33 -07:00
/* A non-zero value of dst->obsolete forces by-hand validation
* of the route entry . Positive values are set by the generic
* dst layer to indicate that the entry has been forcefully
* destroyed .
*
* Negative values are used by the implementation layer code to
* force invocation of the dst_ops - > check ( ) method .
*/
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
short obsolete ;
2012-07-19 12:31:33 -07:00
# define DST_OBSOLETE_NONE 0
# define DST_OBSOLETE_DEAD 2
# define DST_OBSOLETE_FORCE_CHK -1
2012-07-17 11:31:28 -07:00
# define DST_OBSOLETE_KILL -2
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
unsigned short header_len ; /* more space at head required */
unsigned short trailer_len ; /* space to reserve at tail */
2017-02-06 23:14:17 +02:00
[NET]: Fix tbench regression in 2.6.25-rc1
Comparing with kernel 2.6.24, tbench result has regression with
2.6.25-rc1.
1) On 2 quad-core processor stoakley: 4%.
2) On 4 quad-core processor tigerton: more than 30%.
bisect located below patch.
b4ce92775c2e7ff9cf79cca4e0a19c8c5fd6287b is first bad commit
commit b4ce92775c2e7ff9cf79cca4e0a19c8c5fd6287b
Author: Herbert Xu <herbert@gondor.apana.org.au>
Date: Tue Nov 13 21:33:32 2007 -0800
[IPV6]: Move nfheader_len into rt6_info
The dst member nfheader_len is only used by IPv6. It's also currently
creating a rather ugly alignment hole in struct dst. Therefore this patch
moves it from there into struct rt6_info.
Above patch changes the cache line alignment, especially member
__refcnt. I did a testing by adding 2 unsigned long pading before
lastuse, so the 3 members, lastuse/__refcnt/__use, are moved to next
cache line. The performance is recovered.
I created a patch to rearrange the members in struct dst_entry.
With Eric and Valdis Kletnieks's suggestion, I made finer arrangement.
1) Move tclassid under ops in case CONFIG_NET_CLS_ROUTE=y. So
sizeof(dst_entry)=200 no matter if CONFIG_NET_CLS_ROUTE=y/n. I
tested many patches on my 16-core tigerton by moving tclassid to
different place. It looks like tclassid could also have impact on
performance. If moving tclassid before metrics, or just don't move
tclassid, the performance isn't good. So I move it behind metrics.
2) Add comments before __refcnt.
On 16-core tigerton:
If CONFIG_NET_CLS_ROUTE=y, the result with below patch is about 18%
better than the one without the patch;
If CONFIG_NET_CLS_ROUTE=n, the result with below patch is about 30%
better than the one without the patch.
With 32bit 2.6.25-rc1 on 8-core stoakley, the new patch doesn't
introduce regression.
Thank Eric, Valdis, and David!
Signed-off-by: Zhang Yanmin <yanmin.zhang@intel.com>
Acked-by: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-03-12 22:52:37 -07:00
/*
* __refcnt wants to be on a different cache line from
* input / output / ops or performance tanks badly
*/
2017-11-28 15:40:53 -05:00
# ifdef CONFIG_64BIT
atomic_t __refcnt ; /* 64-bit offset 64 */
# endif
2007-02-09 16:26:55 -08:00
int __use ;
[NET]: Fix tbench regression in 2.6.25-rc1
Comparing with kernel 2.6.24, tbench result has regression with
2.6.25-rc1.
1) On 2 quad-core processor stoakley: 4%.
2) On 4 quad-core processor tigerton: more than 30%.
bisect located below patch.
b4ce92775c2e7ff9cf79cca4e0a19c8c5fd6287b is first bad commit
commit b4ce92775c2e7ff9cf79cca4e0a19c8c5fd6287b
Author: Herbert Xu <herbert@gondor.apana.org.au>
Date: Tue Nov 13 21:33:32 2007 -0800
[IPV6]: Move nfheader_len into rt6_info
The dst member nfheader_len is only used by IPv6. It's also currently
creating a rather ugly alignment hole in struct dst. Therefore this patch
moves it from there into struct rt6_info.
Above patch changes the cache line alignment, especially member
__refcnt. I did a testing by adding 2 unsigned long pading before
lastuse, so the 3 members, lastuse/__refcnt/__use, are moved to next
cache line. The performance is recovered.
I created a patch to rearrange the members in struct dst_entry.
With Eric and Valdis Kletnieks's suggestion, I made finer arrangement.
1) Move tclassid under ops in case CONFIG_NET_CLS_ROUTE=y. So
sizeof(dst_entry)=200 no matter if CONFIG_NET_CLS_ROUTE=y/n. I
tested many patches on my 16-core tigerton by moving tclassid to
different place. It looks like tclassid could also have impact on
performance. If moving tclassid before metrics, or just don't move
tclassid, the performance isn't good. So I move it behind metrics.
2) Add comments before __refcnt.
On 16-core tigerton:
If CONFIG_NET_CLS_ROUTE=y, the result with below patch is about 18%
better than the one without the patch;
If CONFIG_NET_CLS_ROUTE=n, the result with below patch is about 30%
better than the one without the patch.
With 32bit 2.6.25-rc1 on 8-core stoakley, the new patch doesn't
introduce regression.
Thank Eric, Valdis, and David!
Signed-off-by: Zhang Yanmin <yanmin.zhang@intel.com>
Acked-by: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-03-12 22:52:37 -07:00
unsigned long lastuse ;
2015-08-21 12:41:14 +02:00
struct lwtunnel_state * lwtstate ;
2017-11-28 15:40:53 -05:00
struct rcu_head rcu_head ;
short error ;
short __pad ;
__u32 tclassid ;
# ifndef CONFIG_64BIT
atomic_t __refcnt ; /* 32-bit offset 64 */
# endif
2005-04-16 15:20:36 -07:00
} ;
2017-05-25 14:27:35 -07:00
struct dst_metrics {
u32 metrics [ RTAX_MAX ] ;
2017-08-18 12:08:07 -07:00
refcount_t refcnt ;
2017-05-25 14:27:35 -07:00
} ;
extern const struct dst_metrics dst_default_metrics ;
2013-09-20 11:23:21 -07:00
u32 * dst_cow_metrics_generic ( struct dst_entry * dst , unsigned long old ) ;
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
2014-03-27 13:04:08 +01:00
# define DST_METRICS_READ_ONLY 0x1UL
2017-05-25 14:27:35 -07:00
# define DST_METRICS_REFCOUNTED 0x2UL
2014-03-27 13:04:08 +01:00
# define DST_METRICS_FLAGS 0x3UL
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
# define __DST_METRICS_PTR(Y) \
2014-03-27 13:04:08 +01:00
( ( u32 * ) ( ( Y ) & ~ DST_METRICS_FLAGS ) )
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
# define DST_METRICS_PTR(X) __DST_METRICS_PTR((X)->_metrics)
static inline bool dst_metrics_read_only ( const struct dst_entry * dst )
{
return dst - > _metrics & DST_METRICS_READ_ONLY ;
}
2013-09-20 11:23:21 -07:00
void __dst_destroy_metrics_generic ( struct dst_entry * dst , unsigned long old ) ;
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
static inline void dst_destroy_metrics_generic ( struct dst_entry * dst )
{
unsigned long val = dst - > _metrics ;
if ( ! ( val & DST_METRICS_READ_ONLY ) )
__dst_destroy_metrics_generic ( dst , val ) ;
}
static inline u32 * dst_metrics_write_ptr ( struct dst_entry * dst )
{
unsigned long p = dst - > _metrics ;
2011-05-24 13:50:52 -04:00
BUG_ON ( ! p ) ;
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
if ( p & DST_METRICS_READ_ONLY )
return dst - > ops - > cow_metrics ( dst , p ) ;
return __DST_METRICS_PTR ( p ) ;
}
/* This may only be invoked before the entry has reached global
* visibility .
*/
static inline void dst_init_metrics ( struct dst_entry * dst ,
const u32 * src_metrics ,
bool read_only )
{
dst - > _metrics = ( ( unsigned long ) src_metrics ) |
( read_only ? DST_METRICS_READ_ONLY : 0 ) ;
}
static inline void dst_copy_metrics ( struct dst_entry * dest , const struct dst_entry * src )
{
u32 * dst_metrics = dst_metrics_write_ptr ( dest ) ;
if ( dst_metrics ) {
u32 * src_metrics = DST_METRICS_PTR ( src ) ;
memcpy ( dst_metrics , src_metrics , RTAX_MAX * sizeof ( u32 ) ) ;
}
}
static inline u32 * dst_metrics_ptr ( struct dst_entry * dst )
{
return DST_METRICS_PTR ( dst ) ;
}
2005-04-16 15:20:36 -07:00
static inline u32
2010-12-12 21:35:57 -08:00
dst_metric_raw ( const struct dst_entry * dst , const int metric )
2005-04-16 15:20:36 -07:00
{
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
u32 * p = DST_METRICS_PTR ( dst ) ;
return p [ metric - 1 ] ;
2010-12-08 21:16:57 -08:00
}
2010-12-12 21:35:57 -08:00
static inline u32
dst_metric ( const struct dst_entry * dst , const int metric )
{
2010-12-13 12:52:14 -08:00
WARN_ON_ONCE ( metric = = RTAX_HOPLIMIT | |
2010-12-14 13:01:14 -08:00
metric = = RTAX_ADVMSS | |
metric = = RTAX_MTU ) ;
2010-12-12 21:35:57 -08:00
return dst_metric_raw ( dst , metric ) ;
}
2010-12-13 12:52:14 -08:00
static inline u32
dst_metric_advmss ( const struct dst_entry * dst )
{
u32 advmss = dst_metric_raw ( dst , RTAX_ADVMSS ) ;
if ( ! advmss )
advmss = dst - > ops - > default_advmss ( dst ) ;
return advmss ;
}
2010-12-08 21:16:57 -08:00
static inline void dst_metric_set ( struct dst_entry * dst , int metric , u32 val )
{
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
u32 * p = dst_metrics_write_ptr ( dst ) ;
2010-12-08 21:16:57 -08:00
net: Implement read-only protection and COW'ing of metrics.
Routing metrics are now copy-on-write.
Initially a route entry points it's metrics at a read-only location.
If a routing table entry exists, it will point there. Else it will
point at the all zero metric place-holder called 'dst_default_metrics'.
The writeability state of the metrics is stored in the low bits of the
metrics pointer, we have two bits left to spare if we want to store
more states.
For the initial implementation, COW is implemented simply via kmalloc.
However future enhancements will change this to place the writable
metrics somewhere else, in order to increase sharing. Very likely
this "somewhere else" will be the inetpeer cache.
Note also that this means that metrics updates may transiently fail
if we cannot COW the metrics successfully.
But even by itself, this patch should decrease memory usage and
increase cache locality especially for routing workloads. In those
cases the read-only metric copies stay in place and never get written
to.
TCP workloads where metrics get updated, and those rare cases where
PMTU triggers occur, will take a very slight performance hit. But
that hit will be alleviated when the long-term writable metrics
move to a more sharable location.
Since the metrics storage went from a u32 array of RTAX_MAX entries to
what is essentially a pointer, some retooling of the dst_entry layout
was necessary.
Most importantly, we need to preserve the alignment of the reference
count so that it doesn't share cache lines with the read-mostly state,
as per Eric Dumazet's alignment assertion checks.
The only non-trivial bit here is the move of the 'flags' member into
the writeable cacheline. This is OK since we are always accessing the
flags around the same moment when we made a modification to the
reference count.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-26 20:51:05 -08:00
if ( p )
p [ metric - 1 ] = val ;
2005-04-16 15:20:36 -07:00
}
tcp: use dctcp if enabled on the route to the initiator
Currently, the following case doesn't use DCTCP, even if it should:
A responder has f.e. Cubic as system wide default, but for a specific
route to the initiating host, DCTCP is being set in RTAX_CC_ALGO. The
initiating host then uses DCTCP as congestion control, but since the
initiator sets ECT(0), tcp_ecn_create_request() doesn't set ecn_ok,
and we have to fall back to Reno after 3WHS completes.
We were thinking on how to solve this in a minimal, non-intrusive
way without bloating tcp_ecn_create_request() needlessly: lets cache
the CA ecn option flag in RTAX_FEATURES. In other words, when ECT(0)
is set on the SYN packet, set ecn_ok=1 iff route RTAX_FEATURES
contains the unexposed (internal-only) DST_FEATURE_ECN_CA. This allows
to only do a single metric feature lookup inside tcp_ecn_create_request().
Joint work with Florian Westphal.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-08-31 15:58:47 +02:00
/* Kernel-internal feature bits that are unallocated in user space. */
# define DST_FEATURE_ECN_CA (1 << 31)
# define DST_FEATURE_MASK (DST_FEATURE_ECN_CA)
# define DST_FEATURE_ECN_MASK (DST_FEATURE_ECN_CA | RTAX_FEATURE_ECN)
2009-10-28 04:15:23 +00:00
static inline u32
dst_feature ( const struct dst_entry * dst , u32 feature )
{
tcp: Revert per-route SACK/DSACK/TIMESTAMP changes.
It creates a regression, triggering badness for SYN_RECV
sockets, for example:
[19148.022102] Badness at net/ipv4/inet_connection_sock.c:293
[19148.022570] NIP: c02a0914 LR: c02a0904 CTR: 00000000
[19148.023035] REGS: eeecbd30 TRAP: 0700 Not tainted (2.6.32)
[19148.023496] MSR: 00029032 <EE,ME,CE,IR,DR> CR: 24002442 XER: 00000000
[19148.024012] TASK = eee9a820[1756] 'privoxy' THREAD: eeeca000
This is likely caused by the change in the 'estab' parameter
passed to tcp_parse_options() when invoked by the functions
in net/ipv4/tcp_minisocks.c
But even if that is fixed, the ->conn_request() changes made in
this patch series is fundamentally wrong. They try to use the
listening socket's 'dst' to probe the route settings. The
listening socket doesn't even have a route, and you can't
get the right route (the child request one) until much later
after we setup all of the state, and it must be done by hand.
This stuff really isn't ready, so the best thing to do is a
full revert. This reverts the following commits:
f55017a93f1a74d50244b1254b9a2bd7ac9bbf7d
022c3f7d82f0f1c68018696f2f027b87b9bb45c2
1aba721eba1d84a2defce45b950272cee1e6c72a
cda42ebd67ee5fdf09d7057b5a4584d36fe8a335
345cda2fd695534be5a4494f1b59da9daed33663
dc343475ed062e13fc260acccaab91d7d80fd5b2
05eaade2782fb0c90d3034fd7a7d5a16266182bb
6a2a2d6bf8581216e08be15fcb563cfd6c430e1e
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-12-15 20:56:42 -08:00
return dst_metric ( dst , RTAX_FEATURES ) & feature ;
2009-10-28 04:15:23 +00:00
}
2005-04-16 15:20:36 -07:00
static inline u32 dst_mtu ( const struct dst_entry * dst )
{
2011-11-23 02:13:31 +00:00
return dst - > ops - > mtu ( dst ) ;
2005-04-16 15:20:36 -07:00
}
2008-07-18 23:02:15 -07:00
/* RTT metrics are stored in milliseconds for user ABI, but used as jiffies */
static inline unsigned long dst_metric_rtt ( const struct dst_entry * dst , int metric )
{
return msecs_to_jiffies ( dst_metric ( dst , metric ) ) ;
}
2005-04-16 15:20:36 -07:00
static inline u32
dst_allfrag ( const struct dst_entry * dst )
{
2009-10-28 04:15:23 +00:00
int ret = dst_feature ( dst , RTAX_FEATURE_ALLFRAG ) ;
2005-04-16 15:20:36 -07:00
return ret ;
}
static inline int
2010-12-14 13:01:14 -08:00
dst_metric_locked ( const struct dst_entry * dst , int metric )
2005-04-16 15:20:36 -07:00
{
return dst_metric ( dst , RTAX_LOCK ) & ( 1 < < metric ) ;
}
2012-06-16 15:14:49 +02:00
static inline void dst_hold ( struct dst_entry * dst )
2005-04-16 15:20:36 -07:00
{
2008-11-16 19:46:36 -08:00
/*
* If your kernel compilation stops here , please check
2017-11-28 15:40:53 -05:00
* the placement of __refcnt in struct dst_entry
2008-11-16 19:46:36 -08:00
*/
BUILD_BUG_ON ( offsetof ( struct dst_entry , __refcnt ) & 63 ) ;
2017-06-17 10:42:44 -07:00
WARN_ON ( atomic_inc_not_zero ( & dst - > __refcnt ) = = 0 ) ;
2005-04-16 15:20:36 -07:00
}
2017-10-13 15:08:07 -07:00
static inline void dst_use_noref ( struct dst_entry * dst , unsigned long time )
2007-11-10 21:28:34 -08:00
{
2017-10-24 12:41:01 +02:00
if ( unlikely ( time ! = dst - > lastuse ) ) {
2017-10-13 15:08:07 -07:00
dst - > __use + + ;
dst - > lastuse = time ;
}
2007-11-10 21:28:34 -08:00
}
2017-10-13 15:08:07 -07:00
static inline void dst_hold_and_use ( struct dst_entry * dst , unsigned long time )
2010-05-11 23:19:48 +00:00
{
2017-10-13 15:08:07 -07:00
dst_hold ( dst ) ;
dst_use_noref ( dst , time ) ;
2010-05-11 23:19:48 +00:00
}
2012-06-16 15:14:49 +02:00
static inline struct dst_entry * dst_clone ( struct dst_entry * dst )
2005-04-16 15:20:36 -07:00
{
if ( dst )
2017-09-21 09:15:46 -07:00
dst_hold ( dst ) ;
2005-04-16 15:20:36 -07:00
return dst ;
}
2013-09-20 11:23:21 -07:00
void dst_release ( struct dst_entry * dst ) ;
2010-05-11 23:19:48 +00:00
2017-06-17 10:42:27 -07:00
void dst_release_immediate ( struct dst_entry * dst ) ;
2010-05-11 23:19:48 +00:00
static inline void refdst_drop ( unsigned long refdst )
{
if ( ! ( refdst & SKB_DST_NOREF ) )
dst_release ( ( struct dst_entry * ) ( refdst & SKB_DST_PTRMASK ) ) ;
}
/**
* skb_dst_drop - drops skb dst
* @ skb : buffer
*
* Drops dst reference count if a reference was taken .
*/
2009-06-02 05:19:30 +00:00
static inline void skb_dst_drop ( struct sk_buff * skb )
{
2010-05-11 23:19:48 +00:00
if ( skb - > _skb_refdst ) {
refdst_drop ( skb - > _skb_refdst ) ;
skb - > _skb_refdst = 0UL ;
}
}
2015-08-26 11:31:47 -07:00
static inline void __skb_dst_copy ( struct sk_buff * nskb , unsigned long refdst )
2010-05-11 23:19:48 +00:00
{
2015-08-26 11:31:47 -07:00
nskb - > _skb_refdst = refdst ;
2010-05-11 23:19:48 +00:00
if ( ! ( nskb - > _skb_refdst & SKB_DST_NOREF ) )
dst_clone ( skb_dst ( nskb ) ) ;
}
2015-08-26 11:31:47 -07:00
static inline void skb_dst_copy ( struct sk_buff * nskb , const struct sk_buff * oskb )
{
__skb_dst_copy ( nskb , oskb - > _skb_refdst ) ;
}
net: fix IP early demux races
David Wilder reported crashes caused by dst reuse.
<quote David>
I am seeing a crash on a distro V4.2.3 kernel caused by a double
release of a dst_entry. In ipv4_dst_destroy() the call to
list_empty() finds a poisoned next pointer, indicating the dst_entry
has already been removed from the list and freed. The crash occurs
18 to 24 hours into a run of a network stress exerciser.
</quote>
Thanks to his detailed report and analysis, we were able to understand
the core issue.
IP early demux can associate a dst to skb, after a lookup in TCP/UDP
sockets.
When socket cache is not properly set, we want to store into
sk->sk_dst_cache the dst for future IP early demux lookups,
by acquiring a stable refcount on the dst.
Problem is this acquisition is simply using an atomic_inc(),
which works well, unless the dst was queued for destruction from
dst_release() noticing dst refcount went to zero, if DST_NOCACHE
was set on dst.
We need to make sure current refcount is not zero before incrementing
it, or risk double free as David reported.
This patch, being a stable candidate, adds two new helpers, and use
them only from IP early demux problematic paths.
It might be possible to merge in net-next skb_dst_force() and
skb_dst_force_safe(), but I prefer having the smallest patch for stable
kernels : Maybe some skb_dst_force() callers do not expect skb->dst
can suddenly be cleared.
Can probably be backported back to linux-3.6 kernels
Reported-by: David J. Wilder <dwilder@us.ibm.com>
Tested-by: David J. Wilder <dwilder@us.ibm.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-12-14 14:08:53 -08:00
/**
* dst_hold_safe - Take a reference on a dst if possible
* @ dst : pointer to dst entry
*
* This helper returns false if it could not safely
* take a reference on a dst .
*/
static inline bool dst_hold_safe ( struct dst_entry * dst )
{
2017-06-17 10:42:41 -07:00
return atomic_inc_not_zero ( & dst - > __refcnt ) ;
net: fix IP early demux races
David Wilder reported crashes caused by dst reuse.
<quote David>
I am seeing a crash on a distro V4.2.3 kernel caused by a double
release of a dst_entry. In ipv4_dst_destroy() the call to
list_empty() finds a poisoned next pointer, indicating the dst_entry
has already been removed from the list and freed. The crash occurs
18 to 24 hours into a run of a network stress exerciser.
</quote>
Thanks to his detailed report and analysis, we were able to understand
the core issue.
IP early demux can associate a dst to skb, after a lookup in TCP/UDP
sockets.
When socket cache is not properly set, we want to store into
sk->sk_dst_cache the dst for future IP early demux lookups,
by acquiring a stable refcount on the dst.
Problem is this acquisition is simply using an atomic_inc(),
which works well, unless the dst was queued for destruction from
dst_release() noticing dst refcount went to zero, if DST_NOCACHE
was set on dst.
We need to make sure current refcount is not zero before incrementing
it, or risk double free as David reported.
This patch, being a stable candidate, adds two new helpers, and use
them only from IP early demux problematic paths.
It might be possible to merge in net-next skb_dst_force() and
skb_dst_force_safe(), but I prefer having the smallest patch for stable
kernels : Maybe some skb_dst_force() callers do not expect skb->dst
can suddenly be cleared.
Can probably be backported back to linux-3.6 kernels
Reported-by: David J. Wilder <dwilder@us.ibm.com>
Tested-by: David J. Wilder <dwilder@us.ibm.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-12-14 14:08:53 -08:00
}
/**
2017-09-21 09:15:46 -07:00
* skb_dst_force - makes sure skb dst is refcounted
net: fix IP early demux races
David Wilder reported crashes caused by dst reuse.
<quote David>
I am seeing a crash on a distro V4.2.3 kernel caused by a double
release of a dst_entry. In ipv4_dst_destroy() the call to
list_empty() finds a poisoned next pointer, indicating the dst_entry
has already been removed from the list and freed. The crash occurs
18 to 24 hours into a run of a network stress exerciser.
</quote>
Thanks to his detailed report and analysis, we were able to understand
the core issue.
IP early demux can associate a dst to skb, after a lookup in TCP/UDP
sockets.
When socket cache is not properly set, we want to store into
sk->sk_dst_cache the dst for future IP early demux lookups,
by acquiring a stable refcount on the dst.
Problem is this acquisition is simply using an atomic_inc(),
which works well, unless the dst was queued for destruction from
dst_release() noticing dst refcount went to zero, if DST_NOCACHE
was set on dst.
We need to make sure current refcount is not zero before incrementing
it, or risk double free as David reported.
This patch, being a stable candidate, adds two new helpers, and use
them only from IP early demux problematic paths.
It might be possible to merge in net-next skb_dst_force() and
skb_dst_force_safe(), but I prefer having the smallest patch for stable
kernels : Maybe some skb_dst_force() callers do not expect skb->dst
can suddenly be cleared.
Can probably be backported back to linux-3.6 kernels
Reported-by: David J. Wilder <dwilder@us.ibm.com>
Tested-by: David J. Wilder <dwilder@us.ibm.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-12-14 14:08:53 -08:00
* @ skb : buffer
*
* If dst is not yet refcounted and not destroyed , grab a ref on it .
*/
2017-09-21 09:15:46 -07:00
static inline void skb_dst_force ( struct sk_buff * skb )
net: fix IP early demux races
David Wilder reported crashes caused by dst reuse.
<quote David>
I am seeing a crash on a distro V4.2.3 kernel caused by a double
release of a dst_entry. In ipv4_dst_destroy() the call to
list_empty() finds a poisoned next pointer, indicating the dst_entry
has already been removed from the list and freed. The crash occurs
18 to 24 hours into a run of a network stress exerciser.
</quote>
Thanks to his detailed report and analysis, we were able to understand
the core issue.
IP early demux can associate a dst to skb, after a lookup in TCP/UDP
sockets.
When socket cache is not properly set, we want to store into
sk->sk_dst_cache the dst for future IP early demux lookups,
by acquiring a stable refcount on the dst.
Problem is this acquisition is simply using an atomic_inc(),
which works well, unless the dst was queued for destruction from
dst_release() noticing dst refcount went to zero, if DST_NOCACHE
was set on dst.
We need to make sure current refcount is not zero before incrementing
it, or risk double free as David reported.
This patch, being a stable candidate, adds two new helpers, and use
them only from IP early demux problematic paths.
It might be possible to merge in net-next skb_dst_force() and
skb_dst_force_safe(), but I prefer having the smallest patch for stable
kernels : Maybe some skb_dst_force() callers do not expect skb->dst
can suddenly be cleared.
Can probably be backported back to linux-3.6 kernels
Reported-by: David J. Wilder <dwilder@us.ibm.com>
Tested-by: David J. Wilder <dwilder@us.ibm.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-12-14 14:08:53 -08:00
{
if ( skb_dst_is_noref ( skb ) ) {
struct dst_entry * dst = skb_dst ( skb ) ;
2017-09-21 09:15:46 -07:00
WARN_ON ( ! rcu_read_lock_held ( ) ) ;
net: fix IP early demux races
David Wilder reported crashes caused by dst reuse.
<quote David>
I am seeing a crash on a distro V4.2.3 kernel caused by a double
release of a dst_entry. In ipv4_dst_destroy() the call to
list_empty() finds a poisoned next pointer, indicating the dst_entry
has already been removed from the list and freed. The crash occurs
18 to 24 hours into a run of a network stress exerciser.
</quote>
Thanks to his detailed report and analysis, we were able to understand
the core issue.
IP early demux can associate a dst to skb, after a lookup in TCP/UDP
sockets.
When socket cache is not properly set, we want to store into
sk->sk_dst_cache the dst for future IP early demux lookups,
by acquiring a stable refcount on the dst.
Problem is this acquisition is simply using an atomic_inc(),
which works well, unless the dst was queued for destruction from
dst_release() noticing dst refcount went to zero, if DST_NOCACHE
was set on dst.
We need to make sure current refcount is not zero before incrementing
it, or risk double free as David reported.
This patch, being a stable candidate, adds two new helpers, and use
them only from IP early demux problematic paths.
It might be possible to merge in net-next skb_dst_force() and
skb_dst_force_safe(), but I prefer having the smallest patch for stable
kernels : Maybe some skb_dst_force() callers do not expect skb->dst
can suddenly be cleared.
Can probably be backported back to linux-3.6 kernels
Reported-by: David J. Wilder <dwilder@us.ibm.com>
Tested-by: David J. Wilder <dwilder@us.ibm.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-12-14 14:08:53 -08:00
if ( ! dst_hold_safe ( dst ) )
dst = NULL ;
skb - > _skb_refdst = ( unsigned long ) dst ;
}
}
2010-05-17 22:36:55 -07:00
2010-09-27 00:33:35 +00:00
/**
* __skb_tunnel_rx - prepare skb for rx reinsert
* @ skb : buffer
* @ dev : tunnel device
2013-09-02 15:34:58 +02:00
* @ net : netns for packet i / o
2010-09-27 00:33:35 +00:00
*
* After decapsulation , packet is going to re - enter ( netif_rx ( ) ) our stack ,
* so make some cleanups . ( no accounting done )
*/
2013-09-02 15:34:58 +02:00
static inline void __skb_tunnel_rx ( struct sk_buff * skb , struct net_device * dev ,
struct net * net )
2010-09-27 00:33:35 +00:00
{
skb - > dev = dev ;
2011-08-14 19:45:55 +00:00
/*
2013-12-15 22:12:18 -08:00
* Clear hash so that we can recalulate the hash for the
2011-08-14 19:45:55 +00:00
* encapsulated packet , unless we have already determine the hash
* over the L4 4 - tuple .
*/
2013-12-15 22:12:18 -08:00
skb_clear_hash_if_not_l4 ( skb ) ;
2010-09-27 00:33:35 +00:00
skb_set_queue_mapping ( skb , 0 ) ;
2013-09-02 15:34:58 +02:00
skb_scrub_packet ( skb , ! net_eq ( net , dev_net ( dev ) ) ) ;
2010-09-27 00:33:35 +00:00
}
2010-05-17 22:36:55 -07:00
/**
* skb_tunnel_rx - prepare skb for rx reinsert
* @ skb : buffer
* @ dev : tunnel device
2018-03-04 03:29:53 +01:00
* @ net : netns for packet i / o
2010-05-17 22:36:55 -07:00
*
* After decapsulation , packet is going to re - enter ( netif_rx ( ) ) our stack ,
* so make some cleanups , and perform accounting .
2010-09-27 00:33:35 +00:00
* Note : this accounting is not SMP safe .
2010-05-17 22:36:55 -07:00
*/
2013-09-02 15:34:58 +02:00
static inline void skb_tunnel_rx ( struct sk_buff * skb , struct net_device * dev ,
struct net * net )
2010-05-17 22:36:55 -07:00
{
/* TODO : stats should be SMP safe */
dev - > stats . rx_packets + + ;
dev - > stats . rx_bytes + = skb - > len ;
2013-09-02 15:34:58 +02:00
__skb_tunnel_rx ( skb , dev , net ) ;
2010-05-17 22:36:55 -07:00
}
2016-03-16 01:42:50 +01:00
static inline u32 dst_tclassid ( const struct sk_buff * skb )
{
# ifdef CONFIG_IP_ROUTE_CLASSID
const struct dst_entry * dst ;
dst = skb_dst ( skb ) ;
if ( dst )
return dst - > tclassid ;
# endif
return 0 ;
}
2015-10-07 16:48:47 -05:00
int dst_discard_out ( struct net * net , struct sock * sk , struct sk_buff * skb ) ;
2014-04-15 13:47:15 -04:00
static inline int dst_discard ( struct sk_buff * skb )
{
2015-10-07 16:48:47 -05:00
return dst_discard_out ( & init_net , skb - > sk , skb ) ;
2014-04-15 13:47:15 -04:00
}
2013-09-20 11:23:21 -07:00
void * dst_alloc ( struct dst_ops * ops , struct net_device * dev , int initial_ref ,
int initial_obsolete , unsigned short flags ) ;
2015-07-21 10:43:56 +02:00
void dst_init ( struct dst_entry * dst , struct dst_ops * ops ,
struct net_device * dev , int initial_ref , int initial_obsolete ,
unsigned short flags ) ;
2013-09-20 11:23:21 -07:00
struct dst_entry * dst_destroy ( struct dst_entry * dst ) ;
2017-06-17 10:42:28 -07:00
void dst_dev_put ( struct dst_entry * dst ) ;
2005-04-16 15:20:36 -07:00
static inline void dst_confirm ( struct dst_entry * dst )
{
2012-07-02 02:21:03 -07:00
}
2011-07-29 19:00:53 +00:00
2011-07-18 00:40:17 -07:00
static inline struct neighbour * dst_neigh_lookup ( const struct dst_entry * dst , const void * daddr )
{
2013-03-14 17:21:50 +00:00
struct neighbour * n = dst - > ops - > neigh_lookup ( dst , NULL , daddr ) ;
return IS_ERR ( n ) ? NULL : n ;
2012-07-02 21:52:24 -07:00
}
static inline struct neighbour * dst_neigh_lookup_skb ( const struct dst_entry * dst ,
struct sk_buff * skb )
{
2013-03-14 17:21:50 +00:00
struct neighbour * n = dst - > ops - > neigh_lookup ( dst , skb , NULL ) ;
return IS_ERR ( n ) ? NULL : n ;
2011-07-18 00:40:17 -07:00
}
2017-02-06 23:14:15 +02:00
static inline void dst_confirm_neigh ( const struct dst_entry * dst ,
const void * daddr )
{
if ( dst - > ops - > confirm_neigh )
dst - > ops - > confirm_neigh ( dst , daddr ) ;
}
2005-04-16 15:20:36 -07:00
static inline void dst_link_failure ( struct sk_buff * skb )
{
2009-06-02 05:19:30 +00:00
struct dst_entry * dst = skb_dst ( skb ) ;
2005-04-16 15:20:36 -07:00
if ( dst & & dst - > ops & & dst - > ops - > link_failure )
dst - > ops - > link_failure ( skb ) ;
}
static inline void dst_set_expires ( struct dst_entry * dst , int timeout )
{
unsigned long expires = jiffies + timeout ;
if ( expires = = 0 )
expires = 1 ;
if ( dst - > expires = = 0 | | time_before ( expires , dst - > expires ) )
dst - > expires = expires ;
}
/* Output packet to network from transport. */
2015-10-07 16:48:35 -05:00
static inline int dst_output ( struct net * net , struct sock * sk , struct sk_buff * skb )
2014-04-15 13:47:15 -04:00
{
2015-10-07 16:48:47 -05:00
return skb_dst ( skb ) - > output ( net , sk , skb ) ;
2014-04-15 13:47:15 -04:00
}
2005-04-16 15:20:36 -07:00
/* Input packet from network to transport. */
static inline int dst_input ( struct sk_buff * skb )
{
2009-06-02 05:19:30 +00:00
return skb_dst ( skb ) - > input ( skb ) ;
2005-04-16 15:20:36 -07:00
}
static inline struct dst_entry * dst_check ( struct dst_entry * dst , u32 cookie )
{
if ( dst - > obsolete )
dst = dst - > ops - > check ( dst , cookie ) ;
return dst ;
}
2007-12-12 10:36:59 -08:00
/* Flags for xfrm_lookup flags argument. */
enum {
2011-03-01 14:36:37 -08:00
XFRM_LOOKUP_ICMP = 1 < < 0 ,
2014-09-16 10:08:49 +02:00
XFRM_LOOKUP_QUEUE = 1 < < 1 ,
2015-02-11 18:10:36 +01:00
XFRM_LOOKUP_KEEP_DST_REF = 1 < < 2 ,
2007-12-12 10:36:59 -08:00
} ;
2005-04-16 15:20:36 -07:00
struct flowi ;
# ifndef CONFIG_XFRM
2011-03-02 13:27:41 -08:00
static inline struct dst_entry * xfrm_lookup ( struct net * net ,
struct dst_entry * dst_orig ,
2015-09-25 07:39:10 -07:00
const struct flowi * fl ,
const struct sock * sk ,
2011-03-02 13:27:41 -08:00
int flags )
2005-04-16 15:20:36 -07:00
{
2011-03-02 13:27:41 -08:00
return dst_orig ;
2014-09-16 10:08:40 +02:00
}
2018-07-19 10:50:44 -07:00
static inline struct dst_entry *
xfrm_lookup_with_ifid ( struct net * net , struct dst_entry * dst_orig ,
const struct flowi * fl , const struct sock * sk ,
int flags , u32 if_id )
{
return dst_orig ;
}
2014-09-16 10:08:40 +02:00
static inline struct dst_entry * xfrm_lookup_route ( struct net * net ,
struct dst_entry * dst_orig ,
const struct flowi * fl ,
2015-09-25 07:39:10 -07:00
const struct sock * sk ,
2014-09-16 10:08:40 +02:00
int flags )
{
return dst_orig ;
}
2013-10-15 22:01:29 -04:00
static inline struct xfrm_state * dst_xfrm ( const struct dst_entry * dst )
{
return NULL ;
}
2005-04-16 15:20:36 -07:00
# else
2013-09-20 11:23:21 -07:00
struct dst_entry * xfrm_lookup ( struct net * net , struct dst_entry * dst_orig ,
2015-09-25 07:39:10 -07:00
const struct flowi * fl , const struct sock * sk ,
2013-09-20 11:23:21 -07:00
int flags ) ;
2013-10-15 22:01:29 -04:00
2018-07-19 10:50:44 -07:00
struct dst_entry * xfrm_lookup_with_ifid ( struct net * net ,
struct dst_entry * dst_orig ,
const struct flowi * fl ,
const struct sock * sk , int flags ,
u32 if_id ) ;
2014-09-16 10:08:40 +02:00
struct dst_entry * xfrm_lookup_route ( struct net * net , struct dst_entry * dst_orig ,
2015-09-25 07:39:10 -07:00
const struct flowi * fl , const struct sock * sk ,
2014-09-16 10:08:40 +02:00
int flags ) ;
2013-10-15 22:01:29 -04:00
/* skb attached with this dst needs transformation if dst->xfrm is valid */
static inline struct xfrm_state * dst_xfrm ( const struct dst_entry * dst )
{
return dst - > xfrm ;
}
2005-04-16 15:20:36 -07:00
# endif
2018-01-25 19:03:03 +01:00
static inline void skb_dst_update_pmtu ( struct sk_buff * skb , u32 mtu )
{
struct dst_entry * dst = skb_dst ( skb ) ;
if ( dst & & dst - > ops - > update_pmtu )
dst - > ops - > update_pmtu ( dst , NULL , skb , mtu ) ;
}
2018-10-12 23:53:59 +02:00
static inline void skb_tunnel_check_pmtu ( struct sk_buff * skb ,
struct dst_entry * encap_dst ,
int headroom )
{
u32 encap_mtu = dst_mtu ( encap_dst ) ;
if ( skb - > len > encap_mtu - headroom )
skb_dst_update_pmtu ( skb , encap_mtu - headroom ) ;
}
2005-04-16 15:20:36 -07:00
# endif /* _NET_DST_H */