From: Neil Horman <nhorman@tuxdriver.com>
To: Ben Hutchings <bhutchings@solarflare.com>
Cc: netdev@vger.kernel.org
Subject: Re: [PATCH 0/2] pktgen: Clone skb to avoid corruption of skbs in ndo_start_xmit methods (v3)
Date: Tue, 23 Aug 2011 11:13:54 -0400 [thread overview]
Message-ID: <20110823151354.GA21473@hmsreliant.think-freely.org> (raw)
In-Reply-To: <1314108084.2821.5.camel@bwh-desktop>
On Tue, Aug 23, 2011 at 03:01:24PM +0100, Ben Hutchings wrote:
> On Mon, 2011-08-22 at 14:14 -0400, Neil Horman wrote:
> > On Mon, Aug 22, 2011 at 05:17:37PM +0100, Ben Hutchings wrote:
> > > On Sun, 2011-08-21 at 20:27 -0400, Neil Horman wrote:
> > > > On Wed, Aug 17, 2011 at 04:07:17PM +0100, Ben Hutchings wrote:
> > > > > On Tue, 2011-07-26 at 12:05 -0400, Neil Horman wrote:
> > > > > > Ok, after considering all your comments, Dave suggested this as an alternate
> > > > > > approach:
> > > > > >
> > > > > > 1) We create a new priv_flag, IFF_SKB_TX_SHARED, to identify drivers capable of
> > > > > > handling shared skbs. Default is to not set this flag
> > > > > >
> > > > > > 2) Modify ether_setup to enable this flag, under the assumption that any driver
> > > > > > calling this function is initalizing a real ethernet device and as such can
> > > > > > handle shared skbs since they don't tend to store state in the skb struct.
> > > > > > Pktgen can then query this flag when a user script attempts to issue the
> > > > > > clone_skb command and decide if it is to be alowed or not.
> > > > > [...]
> > > > >
> > > > > A bunch of Ethernet drivers do skb_pad() or skb_padto() in their
> > > > > ndo_start_xmit implementations, either to avoid hardware bugs or because
> > > > > the MAC doesn't automatically pad to the minimum frame length. This
> > > > > presumably means they can't generally handle shared skbs, though in the
> > > > > specific case of pktgen it should be safe as long as a single skb is not
> > > > > submitted by multiple threads at once.
> > > > >
> > > > Agreed, given that pktgen is doing skb sharing in a serialized manner (i.e. one
> > > > thread of execution increasing skb->users rather than in multiple threads), the
> > > > skb_pad[to] cases are safe. Are there cases in which shared skbs are
> > > > transmitted in parallel threads that we need to check for?
> > >
> > > Not that I'm aware of. However, you have defined the flag to mean 'safe
> > > to send shared skbs', and this is not generally true for those drivers.
> > >
> > > So please decide whether:
> > > a. The flag means 'safe to send shared skbs' (i.e. the TX path does not
> > > modify the skb) and drivers which pad must clear it on their devices.
> > > b. The flag means 'safe to send shared skbs in the way ptkgen does', and
> > > the restrictions this places on the user and driver should be specified.
> > >
> >
> > The flag means safe to send shared skbs.
> >
> > Actually looking closer at this, I don't think this is much of a problem at all.
> > The flag is cleared on devices for which it is unsafe to send shared skbs, not
> > because there are multiple users of the skb in parallel, but because the driver
> > expects to have continued exclusive access to the skb after the drivers
> > ndo_start_xmit method returns.
> >
> > In the pktgen case, skbs have skb->users > 1, but all users exist in the same
> > execution context, making their transmission serialized.
> [...]
>
> So it is not *generally* safe to send shared skbs to drivers that make
> idempotent changes to the skb. There is a restriction and while pktgen
> operates within it today I don't want it to be an unwritten assumption.
>
It _is_ generally safe to make idempotent changes to an skb when their shared,
thats what I was explaining in my previous post. The only restriction we need
to concern ourselves with is the drivers assumption that any modifications
(idempotent or not) will be preserved after the return from ndo_start_xmit.
> > So even though drivers that call skb_pad[to] modify the skb, its perfectly ok to
> > do so, as long as they don't assume that the struct skb will remain in that
> > state after the driver is done with it.
> >
> > This works out perfectly well for skb_padto calls, since the function reduces to
> > a no-op after the minimal tail size has been reached.
> [...]
>
> Right, that's what I want to be specified. Did you miss my own
> follow-up? I proposed this description for the interface flag:
>
> The ndo_start_xmit operation for this interface either does not
> modify the given skb or modifies it idempotently. A single skb
> may be transmitted repeatedly on a single queue of this
> interface, but not on multiple queues or on multiple interfaces.
>
No, I read it, I just don't agree with it. :). Specifically I disagree with the
langauge indicating that you cannot transmit a shared skb on multiple queues or
on multiple interfaces. You can in fact do that sanely with shared skbs,
because to do so you are required to serialize their transmission anyway. By
definition they're shared, and you can't send them to multiple devices without
modifing data in the skb that may be read in parallel in an alternate execution
context.
In short, what I'm saying is that there is no way to safely send a shared skb in
parallel to multiple queues/interfaces without introducing other bugs orthogonal
to the one prevented by the flag I added. The only thing the flag indicates is
that the driver can't handle non-idempotent changes to skbs (like being added to
an sk_buff_head list)
I think if you really want to clarify the meaning of the flag, I would add
language to it like:
The ndo_start_xmit operation either makes no changes to the skb data,
or makes only idempotent changes, and does not expect any changes to
persist after the return from nod_start_xmit
Its really the expectation of persistence that we need to worry about here. If
a driver adds an skb to a list for deferred transmission, for example, it
assumes that it owns the skb, and that its state will remain unchanged after the
return from ndo_start_xmit, but in the shared case thats not a safe assumption
to make because in the shared case teh network stack is once again free to
modify the skb.
If you're ok with my language, I'll put a patch together for that.
Neil
> Ben.
>
> --
> Ben Hutchings, Staff Engineer, Solarflare
> Not speaking for my employer; that's the marketing department's job.
> They asked us to note that Solarflare product names are trademarked.
>
>
next prev parent reply other threads:[~2011-08-23 15:14 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-19 19:52 [PATCH] pktgen: Clone skb to avoid corruption of skbs in ndo_start_xmit methods Neil Horman
2011-07-19 20:02 ` Eric Dumazet
2011-07-19 20:17 ` Joe Perches
2011-07-19 20:29 ` Jiri Pirko
2011-07-19 20:41 ` Eric Dumazet
2011-07-19 21:01 ` Ben Greear
2011-07-20 0:19 ` Neil Horman
2011-07-20 0:25 ` Rick Jones
2011-07-20 15:23 ` Loke, Chetan
2011-07-20 0:43 ` Eric Dumazet
2011-07-20 0:52 ` Ben Greear
2011-07-20 2:07 ` Neil Horman
2011-07-20 4:19 ` Ben Greear
2011-07-20 4:24 ` Eric Dumazet
2011-07-20 15:17 ` Loke, Chetan
2011-07-20 15:18 ` Neil Horman
2011-07-20 15:30 ` Eric Dumazet
2011-07-20 15:39 ` Neil Horman
2011-07-20 15:44 ` Eric Dumazet
2011-07-20 16:19 ` Neil Horman
2011-07-20 15:35 ` Michał Mirosław
2011-07-20 15:40 ` Neil Horman
2011-07-20 16:08 ` Michał Mirosław
2011-07-20 16:18 ` Neil Horman
2011-07-20 16:37 ` Ben Greear
2011-07-20 16:33 ` Ben Greear
2011-07-20 16:36 ` Neil Horman
2011-07-21 22:01 ` David Miller
2011-07-21 22:14 ` Ben Greear
2011-07-21 22:19 ` David Miller
2011-07-21 22:26 ` Ben Greear
2011-07-21 23:50 ` Neil Horman
2011-07-22 0:08 ` David Miller
2011-07-22 1:37 ` Neil Horman
2011-07-20 1:59 ` Neil Horman
2011-07-25 19:45 ` [PATCH 0/2] pktgen: Clone skb to avoid corruption of skbs in ndo_start_xmit methods (v2) Neil Horman
2011-07-25 19:45 ` [PATCH 1/2] net: add IFF_SKB_TX_SHARED flag to priv_flags Neil Horman
2011-07-25 20:11 ` Eric Dumazet
2011-07-26 14:54 ` Neil Horman
2011-07-25 19:45 ` [PATCH 2/2] net: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared Neil Horman
2011-07-26 18:34 ` Krzysztof Halasa
2011-07-26 16:05 ` [PATCH 0/2] pktgen: Clone skb to avoid corruption of skbs in ndo_start_xmit methods (v3) Neil Horman
2011-07-26 16:05 ` [PATCH 1/2] net: add IFF_SKB_TX_SHARED flag to priv_flags Neil Horman
2011-07-28 5:42 ` David Miller
2011-07-28 8:15 ` Robert Olsson
2011-07-28 10:50 ` Neil Horman
2011-07-26 16:05 ` [PATCH 2/2] net: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared Neil Horman
2011-07-28 5:42 ` David Miller
2011-07-29 6:16 ` [PATCH 0/2] pktgen: Clone skb to avoid corruption of skbs in ndo_start_xmit methods (v3) Michael S. Tsirkin
2011-07-29 11:19 ` Neil Horman
2011-08-17 15:07 ` Ben Hutchings
2011-08-22 0:27 ` Neil Horman
2011-08-22 16:17 ` Ben Hutchings
2011-08-22 17:33 ` Ben Hutchings
2011-08-22 18:14 ` Neil Horman
2011-08-23 14:01 ` Ben Hutchings
2011-08-23 15:13 ` Neil Horman [this message]
2011-08-23 15:53 ` Ben Hutchings
2011-08-23 16:21 ` Neil Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110823151354.GA21473@hmsreliant.think-freely.org \
--to=nhorman@tuxdriver.com \
--cc=bhutchings@solarflare.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.