* [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks.
@ 2021-11-22 17:41 Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 01/13] af_unix: Use offsetof() instead of sizeof() Kuniyuki Iwashima
` (12 more replies)
0 siblings, 13 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
The hash table of AF_UNIX sockets is protected by a single big lock,
unix_table_lock. This series replaces it with small per-hash locks.
1st - 2nd : Misc refactoring
3rd - 8th : Separate BSD/abstract address logics
9th - 11th : Prep to save a hash in each socket
12th : Replace the big lock
13th : Speed up autobind()
After this series land in bpf-next, I will post another series to support
bpf batching iteration and bpf_(get|set)sockopt for AF_UNIX sockets.
Note to maintainers:
The 12th patch adds two kinds of Sparse warnings on patchwork:
about unix_table_double_lock/unlock()
We can avoid this by adding two apparent acquires/releases annotations,
but there are the same kinds of warnings about unix_state_double_lock().
about unix_next_socket() and unix_seq_stop() (/proc/net/unix)
This is because Sparse does not understand logic in unix_next_socket(),
which leaves a spin lock held until it returns NULL.
Also, tcp_seq_stop() causes a warning for the same reason.
These warnings seem reasonable, but let me know if there is any better way.
Please see [0] for details.
[0]: https://lore.kernel.org/netdev/20211117001611.74123-1-kuniyu@amazon.co.jp/
Changelog:
v2:
https://lore.kernel.org/netdev/20211114012428.81743-1-kuniyu@amazon.co.jp/
12th: Use spin_lock_nested()
13th: Avoid infinite loop (Eric Dumazet)
13th: s/initnum/lastnum/
v1:
https://lore.kernel.org/netdev/20211106091712.15206-1-kuniyu@amazon.co.jp/
Kuniyuki Iwashima (13):
af_unix: Use offsetof() instead of sizeof().
af_unix: Pass struct sock to unix_autobind().
af_unix: Factorise unix_find_other() based on address types.
af_unix: Return an error as a pointer in unix_find_other().
af_unix: Cut unix_validate_addr() out of unix_mkname().
af_unix: Copy unix_mkname() into unix_find_(bsd|abstract)().
af_unix: Remove unix_mkname().
af_unix: Allocate unix_address in unix_bind_(bsd|abstract)().
af_unix: Remove UNIX_ABSTRACT() macro and test sun_path[0] instead.
af_unix: Add helpers to calculate hashes.
af_unix: Save hash in sk_hash.
af_unix: Replace the big lock with small locks.
af_unix: Relax race in unix_autobind().
include/net/af_unix.h | 3 +-
net/unix/af_unix.c | 555 ++++++++++--------
net/unix/diag.c | 23 +-
.../selftests/bpf/progs/bpf_iter_unix.c | 2 +-
.../selftests/bpf/progs/bpf_tracing_net.h | 2 -
.../bpf/progs/test_skc_to_unix_sock.c | 2 +-
6 files changed, 333 insertions(+), 254 deletions(-)
--
2.30.2
^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 01/13] af_unix: Use offsetof() instead of sizeof().
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 02/13] af_unix: Pass struct sock to unix_autobind() Kuniyuki Iwashima
` (11 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
The length of the AF_UNIX socket address contains an offset to the member
sun_path of struct sockaddr_un.
Currently, the preceding member is just sun_family, and its type is
sa_family_t and resolved to short. Therefore, the offset is represented by
sizeof(short). However, it is not clear and fragile to changes in struct
sockaddr_storage or sockaddr_un.
This commit makes it clear and robust by rewriting sizeof() with
offsetof().
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 15 ++++++++-------
net/unix/diag.c | 3 ++-
2 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 54e5553a150e..2906746e6526 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -231,7 +231,7 @@ static int unix_mkname(struct sockaddr_un *sunaddr, int len, unsigned int *hashp
{
*hashp = 0;
- if (len <= sizeof(short) || len > sizeof(*sunaddr))
+ if (len <= offsetof(struct sockaddr_un, sun_path) || len > sizeof(*sunaddr))
return -EINVAL;
if (!sunaddr || sunaddr->sun_family != AF_UNIX)
return -EINVAL;
@@ -244,7 +244,7 @@ static int unix_mkname(struct sockaddr_un *sunaddr, int len, unsigned int *hashp
* kernel address buffer.
*/
((char *)sunaddr)[len] = 0;
- len = strlen(sunaddr->sun_path)+1+sizeof(short);
+ len = strlen(sunaddr->sun_path) + offsetof(struct sockaddr_un, sun_path) + 1;
return len;
}
@@ -966,7 +966,7 @@ static int unix_autobind(struct socket *sock)
goto out;
err = -ENOMEM;
- addr = kzalloc(sizeof(*addr) + sizeof(short) + 16, GFP_KERNEL);
+ addr = kzalloc(sizeof(*addr) + offsetof(struct sockaddr_un, sun_path) + 16, GFP_KERNEL);
if (!addr)
goto out;
@@ -974,7 +974,8 @@ static int unix_autobind(struct socket *sock)
refcount_set(&addr->refcnt, 1);
retry:
- addr->len = sprintf(addr->name->sun_path+1, "%05x", ordernum) + 1 + sizeof(short);
+ addr->len = sprintf(addr->name->sun_path + 1, "%05x", ordernum) +
+ offsetof(struct sockaddr_un, sun_path) + 1;
addr->hash = unix_hash_fold(csum_partial(addr->name, addr->len, 0));
addr->hash ^= sk->sk_type;
@@ -1156,7 +1157,7 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
sunaddr->sun_family != AF_UNIX)
return -EINVAL;
- if (addr_len == sizeof(short))
+ if (addr_len == offsetof(struct sockaddr_un, sun_path))
return unix_autobind(sock);
err = unix_mkname(sunaddr, addr_len, &hash);
@@ -1600,7 +1601,7 @@ static int unix_getname(struct socket *sock, struct sockaddr *uaddr, int peer)
if (!addr) {
sunaddr->sun_family = AF_UNIX;
sunaddr->sun_path[0] = 0;
- err = sizeof(short);
+ err = offsetof(struct sockaddr_un, sun_path);
} else {
err = addr->len;
memcpy(sunaddr, addr->name, addr->len);
@@ -3231,7 +3232,7 @@ static int unix_seq_show(struct seq_file *seq, void *v)
seq_putc(seq, ' ');
i = 0;
- len = u->addr->len - sizeof(short);
+ len = u->addr->len - offsetof(struct sockaddr_un, sun_path);
if (!UNIX_ABSTRACT(s))
len--;
else {
diff --git a/net/unix/diag.c b/net/unix/diag.c
index 7e7d7f45685a..db555f267407 100644
--- a/net/unix/diag.c
+++ b/net/unix/diag.c
@@ -19,7 +19,8 @@ static int sk_diag_dump_name(struct sock *sk, struct sk_buff *nlskb)
if (!addr)
return 0;
- return nla_put(nlskb, UNIX_DIAG_NAME, addr->len - sizeof(short),
+ return nla_put(nlskb, UNIX_DIAG_NAME,
+ addr->len - offsetof(struct sockaddr_un, sun_path),
addr->name->sun_path);
}
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 02/13] af_unix: Pass struct sock to unix_autobind().
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 01/13] af_unix: Use offsetof() instead of sizeof() Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 03/13] af_unix: Factorise unix_find_other() based on address types Kuniyuki Iwashima
` (10 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
We do not use struct socket in unix_autobind() and pass struct sock to
unix_bind_bsd() and unix_bind_abstract(). Let's pass it to unix_autobind()
as well.
Also, this patch fixes these errors by checkpatch.pl.
ERROR: do not use assignment in if condition
#1795: FILE: net/unix/af_unix.c:1795:
+ if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr
CHECK: Logical continuations should be on the previous line
#1796: FILE: net/unix/af_unix.c:1796:
+ if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr
+ && (err = unix_autobind(sock)) != 0)
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 36 ++++++++++++++++++++----------------
1 file changed, 20 insertions(+), 16 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 2906746e6526..5153832309b4 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -948,15 +948,13 @@ static int unix_release(struct socket *sock)
return 0;
}
-static int unix_autobind(struct socket *sock)
+static int unix_autobind(struct sock *sk)
{
- struct sock *sk = sock->sk;
- struct net *net = sock_net(sk);
struct unix_sock *u = unix_sk(sk);
- static u32 ordernum = 1;
struct unix_address *addr;
- int err;
unsigned int retries = 0;
+ static u32 ordernum = 1;
+ int err;
err = mutex_lock_interruptible(&u->bindlock);
if (err)
@@ -982,7 +980,7 @@ static int unix_autobind(struct socket *sock)
spin_lock(&unix_table_lock);
ordernum = (ordernum+1)&0xFFFFF;
- if (__unix_find_socket_byname(net, addr->name, addr->len, addr->hash)) {
+ if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len, addr->hash)) {
spin_unlock(&unix_table_lock);
/*
* __unix_find_socket_byname() may take long time if many names
@@ -1158,7 +1156,7 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
return -EINVAL;
if (addr_len == offsetof(struct sockaddr_un, sun_path))
- return unix_autobind(sock);
+ return unix_autobind(sk);
err = unix_mkname(sunaddr, addr_len, &hash);
if (err < 0)
@@ -1227,9 +1225,11 @@ static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
goto out;
alen = err;
- if (test_bit(SOCK_PASSCRED, &sock->flags) &&
- !unix_sk(sk)->addr && (err = unix_autobind(sock)) != 0)
- goto out;
+ if (test_bit(SOCK_PASSCRED, &sock->flags) && !unix_sk(sk)->addr) {
+ err = unix_autobind(sk);
+ if (err)
+ goto out;
+ }
restart:
other = unix_find_other(net, sunaddr, alen, sock->type, hash, &err);
@@ -1334,9 +1334,11 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
goto out;
addr_len = err;
- if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr &&
- (err = unix_autobind(sock)) != 0)
- goto out;
+ if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr) {
+ err = unix_autobind(sk);
+ if (err)
+ goto out;
+ }
timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);
@@ -1788,9 +1790,11 @@ static int unix_dgram_sendmsg(struct socket *sock, struct msghdr *msg,
goto out;
}
- if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr
- && (err = unix_autobind(sock)) != 0)
- goto out;
+ if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr) {
+ err = unix_autobind(sk);
+ if (err)
+ goto out;
+ }
err = -EMSGSIZE;
if (len > sk->sk_sndbuf - 32)
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 03/13] af_unix: Factorise unix_find_other() based on address types.
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 01/13] af_unix: Use offsetof() instead of sizeof() Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 02/13] af_unix: Pass struct sock to unix_autobind() Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 04/13] af_unix: Return an error as a pointer in unix_find_other() Kuniyuki Iwashima
` (9 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
As done in the commit fa42d910a38e ("unix_bind(): take BSD and abstract
address cases into new helpers"), this patch moves BSD and abstract address
cases from unix_find_other() into unix_find_bsd() and unix_find_abstract().
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 133 ++++++++++++++++++++++++++-------------------
1 file changed, 78 insertions(+), 55 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 5153832309b4..248bf85c1e56 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -948,6 +948,84 @@ static int unix_release(struct socket *sock)
return 0;
}
+static struct sock *unix_find_bsd(struct net *net, struct sockaddr_un *sunaddr,
+ int type, int *error)
+{
+ struct inode *inode;
+ struct path path;
+ struct sock *sk;
+ int err;
+
+ err = kern_path(sunaddr->sun_path, LOOKUP_FOLLOW, &path);
+ if (err)
+ goto fail;
+
+ err = path_permission(&path, MAY_WRITE);
+ if (err)
+ goto path_put;
+
+ err = -ECONNREFUSED;
+ inode = d_backing_inode(path.dentry);
+ if (!S_ISSOCK(inode->i_mode))
+ goto path_put;
+
+ sk = unix_find_socket_byinode(inode);
+ if (!sk)
+ goto path_put;
+
+ err = -EPROTOTYPE;
+ if (sk->sk_type == type)
+ touch_atime(&path);
+ else
+ goto sock_put;
+
+ path_put(&path);
+
+ return sk;
+
+sock_put:
+ sock_put(sk);
+path_put:
+ path_put(&path);
+fail:
+ *error = err;
+ return NULL;
+}
+
+static struct sock *unix_find_abstract(struct net *net, struct sockaddr_un *sunaddr,
+ int addr_len, int type, unsigned int hash,
+ int *error)
+{
+ struct dentry *dentry;
+ struct sock *sk;
+
+ sk = unix_find_socket_byname(net, sunaddr, addr_len, type ^ hash);
+ if (!sk) {
+ *error = -ECONNREFUSED;
+ return NULL;
+ }
+
+ dentry = unix_sk(sk)->path.dentry;
+ if (dentry)
+ touch_atime(&unix_sk(sk)->path);
+
+ return sk;
+}
+
+static struct sock *unix_find_other(struct net *net, struct sockaddr_un *sunaddr,
+ int addr_len, int type, unsigned int hash,
+ int *error)
+{
+ struct sock *sk;
+
+ if (sunaddr->sun_path[0])
+ sk = unix_find_bsd(net, sunaddr, type, error);
+ else
+ sk = unix_find_abstract(net, sunaddr, addr_len, type, hash, error);
+
+ return sk;
+}
+
static int unix_autobind(struct sock *sk)
{
struct unix_sock *u = unix_sk(sk);
@@ -1004,61 +1082,6 @@ out: mutex_unlock(&u->bindlock);
return err;
}
-static struct sock *unix_find_other(struct net *net,
- struct sockaddr_un *sunname, int len,
- int type, unsigned int hash, int *error)
-{
- struct sock *u;
- struct path path;
- int err = 0;
-
- if (sunname->sun_path[0]) {
- struct inode *inode;
- err = kern_path(sunname->sun_path, LOOKUP_FOLLOW, &path);
- if (err)
- goto fail;
- inode = d_backing_inode(path.dentry);
- err = path_permission(&path, MAY_WRITE);
- if (err)
- goto put_fail;
-
- err = -ECONNREFUSED;
- if (!S_ISSOCK(inode->i_mode))
- goto put_fail;
- u = unix_find_socket_byinode(inode);
- if (!u)
- goto put_fail;
-
- if (u->sk_type == type)
- touch_atime(&path);
-
- path_put(&path);
-
- err = -EPROTOTYPE;
- if (u->sk_type != type) {
- sock_put(u);
- goto fail;
- }
- } else {
- err = -ECONNREFUSED;
- u = unix_find_socket_byname(net, sunname, len, type ^ hash);
- if (u) {
- struct dentry *dentry;
- dentry = unix_sk(u)->path.dentry;
- if (dentry)
- touch_atime(&unix_sk(u)->path);
- } else
- goto fail;
- }
- return u;
-
-put_fail:
- path_put(&path);
-fail:
- *error = err;
- return NULL;
-}
-
static int unix_bind_bsd(struct sock *sk, struct unix_address *addr)
{
struct unix_sock *u = unix_sk(sk);
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 04/13] af_unix: Return an error as a pointer in unix_find_other().
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
` (2 preceding siblings ...)
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 03/13] af_unix: Factorise unix_find_other() based on address types Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 05/13] af_unix: Cut unix_validate_addr() out of unix_mkname() Kuniyuki Iwashima
` (8 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
We can return an error as a pointer and need not pass an additional
argument to unix_find_other().
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 42 ++++++++++++++++++++++--------------------
1 file changed, 22 insertions(+), 20 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 248bf85c1e56..98fb8074fe19 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -949,7 +949,7 @@ static int unix_release(struct socket *sock)
}
static struct sock *unix_find_bsd(struct net *net, struct sockaddr_un *sunaddr,
- int type, int *error)
+ int type)
{
struct inode *inode;
struct path path;
@@ -988,22 +988,18 @@ static struct sock *unix_find_bsd(struct net *net, struct sockaddr_un *sunaddr,
path_put:
path_put(&path);
fail:
- *error = err;
- return NULL;
+ return ERR_PTR(err);
}
static struct sock *unix_find_abstract(struct net *net, struct sockaddr_un *sunaddr,
- int addr_len, int type, unsigned int hash,
- int *error)
+ int addr_len, int type, unsigned int hash)
{
struct dentry *dentry;
struct sock *sk;
sk = unix_find_socket_byname(net, sunaddr, addr_len, type ^ hash);
- if (!sk) {
- *error = -ECONNREFUSED;
- return NULL;
- }
+ if (!sk)
+ return ERR_PTR(-ECONNREFUSED);
dentry = unix_sk(sk)->path.dentry;
if (dentry)
@@ -1013,15 +1009,14 @@ static struct sock *unix_find_abstract(struct net *net, struct sockaddr_un *suna
}
static struct sock *unix_find_other(struct net *net, struct sockaddr_un *sunaddr,
- int addr_len, int type, unsigned int hash,
- int *error)
+ int addr_len, int type, unsigned int hash)
{
struct sock *sk;
if (sunaddr->sun_path[0])
- sk = unix_find_bsd(net, sunaddr, type, error);
+ sk = unix_find_bsd(net, sunaddr, type);
else
- sk = unix_find_abstract(net, sunaddr, addr_len, type, hash, error);
+ sk = unix_find_abstract(net, sunaddr, addr_len, type, hash);
return sk;
}
@@ -1255,9 +1250,11 @@ static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
}
restart:
- other = unix_find_other(net, sunaddr, alen, sock->type, hash, &err);
- if (!other)
+ other = unix_find_other(net, sunaddr, alen, sock->type, hash);
+ if (IS_ERR(other)) {
+ err = PTR_ERR(other);
goto out;
+ }
unix_state_double_lock(sk, other);
@@ -1387,9 +1384,12 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
restart:
/* Find listening sock. */
- other = unix_find_other(net, sunaddr, addr_len, sk->sk_type, hash, &err);
- if (!other)
+ other = unix_find_other(net, sunaddr, addr_len, sk->sk_type, hash);
+ if (IS_ERR(other)) {
+ err = PTR_ERR(other);
+ other = NULL;
goto out;
+ }
/* Latch state of peer */
unix_state_lock(other);
@@ -1857,10 +1857,12 @@ static int unix_dgram_sendmsg(struct socket *sock, struct msghdr *msg,
if (sunaddr == NULL)
goto out_free;
- other = unix_find_other(net, sunaddr, namelen, sk->sk_type,
- hash, &err);
- if (other == NULL)
+ other = unix_find_other(net, sunaddr, namelen, sk->sk_type, hash);
+ if (IS_ERR(other)) {
+ err = PTR_ERR(other);
+ other = NULL;
goto out_free;
+ }
}
if (sk_filter(other, skb) < 0) {
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 05/13] af_unix: Cut unix_validate_addr() out of unix_mkname().
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
` (3 preceding siblings ...)
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 04/13] af_unix: Return an error as a pointer in unix_find_other() Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 06/13] af_unix: Copy unix_mkname() into unix_find_(bsd|abstract)() Kuniyuki Iwashima
` (7 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
unix_mkname() tests socket address length and family and does some
processing based on the address type. It is called in the early stage,
and therefore some instructions are redundant and can end up in vain.
The address length/family tests are done twice in unix_bind(). Also, the
address type is rechecked later in unix_bind() and unix_find_other(), where
we can do the same processing. Moreover, in the BSD address case, the hash
is set to 0 but never used and confusing.
This patch moves the address tests out of unix_mkname(), and the following
patches move the other part into appropriate places and remove
unix_mkname() finally.
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 39 ++++++++++++++++++++++++++++++---------
1 file changed, 30 insertions(+), 9 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 98fb8074fe19..103f126df90d 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -227,14 +227,22 @@ static inline void unix_release_addr(struct unix_address *addr)
* - if started by zero, it is abstract name.
*/
+static int unix_validate_addr(struct sockaddr_un *sunaddr, int addr_len)
+{
+ if (addr_len <= offsetof(struct sockaddr_un, sun_path) ||
+ addr_len > sizeof(*sunaddr))
+ return -EINVAL;
+
+ if (sunaddr->sun_family != AF_UNIX)
+ return -EINVAL;
+
+ return 0;
+}
+
static int unix_mkname(struct sockaddr_un *sunaddr, int len, unsigned int *hashp)
{
*hashp = 0;
- if (len <= offsetof(struct sockaddr_un, sun_path) || len > sizeof(*sunaddr))
- return -EINVAL;
- if (!sunaddr || sunaddr->sun_family != AF_UNIX)
- return -EINVAL;
if (sunaddr->sun_path[0]) {
/*
* This may look like an off by one error but it is a bit more
@@ -1169,13 +1177,14 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
unsigned int hash;
struct unix_address *addr;
- if (addr_len < offsetofend(struct sockaddr_un, sun_family) ||
- sunaddr->sun_family != AF_UNIX)
- return -EINVAL;
-
- if (addr_len == offsetof(struct sockaddr_un, sun_path))
+ if (addr_len == offsetof(struct sockaddr_un, sun_path) &&
+ sunaddr->sun_family == AF_UNIX)
return unix_autobind(sk);
+ err = unix_validate_addr(sunaddr, addr_len);
+ if (err)
+ return err;
+
err = unix_mkname(sunaddr, addr_len, &hash);
if (err < 0)
return err;
@@ -1238,6 +1247,10 @@ static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
goto out;
if (addr->sa_family != AF_UNSPEC) {
+ err = unix_validate_addr(sunaddr, alen);
+ if (err)
+ goto out;
+
err = unix_mkname(sunaddr, alen, &hash);
if (err < 0)
goto out;
@@ -1349,6 +1362,10 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
int err;
long timeo;
+ err = unix_validate_addr(sunaddr, addr_len);
+ if (err)
+ goto out;
+
err = unix_mkname(sunaddr, addr_len, &hash);
if (err < 0)
goto out;
@@ -1801,6 +1818,10 @@ static int unix_dgram_sendmsg(struct socket *sock, struct msghdr *msg,
goto out;
if (msg->msg_namelen) {
+ err = unix_validate_addr(sunaddr, msg->msg_namelen);
+ if (err)
+ goto out;
+
err = unix_mkname(sunaddr, msg->msg_namelen, &hash);
if (err < 0)
goto out;
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 06/13] af_unix: Copy unix_mkname() into unix_find_(bsd|abstract)().
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
` (4 preceding siblings ...)
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 05/13] af_unix: Cut unix_validate_addr() out of unix_mkname() Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 07/13] af_unix: Remove unix_mkname() Kuniyuki Iwashima
` (6 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
We should not call unix_mkname() before unix_find_other() and instead do
the same thing where necessary based on the address type:
- terminating the address with '\0' in unix_find_bsd()
- calculating the hash in unix_find_abstract().
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 59 +++++++++++++++++++---------------------------
1 file changed, 24 insertions(+), 35 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 103f126df90d..c39bcb41f490 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -239,19 +239,25 @@ static int unix_validate_addr(struct sockaddr_un *sunaddr, int addr_len)
return 0;
}
+static void unix_mkname_bsd(struct sockaddr_un *sunaddr, int addr_len)
+{
+ /* This may look like an off by one error but it is a bit more
+ * subtle. 108 is the longest valid AF_UNIX path for a binding.
+ * sun_path[108] doesn't as such exist. However in kernel space
+ * we are guaranteed that it is a valid memory location in our
+ * kernel address buffer because syscall functions always pass
+ * a pointer of struct sockaddr_storage which has a bigger buffer
+ * than 108.
+ */
+ ((char *)sunaddr)[addr_len] = 0;
+}
+
static int unix_mkname(struct sockaddr_un *sunaddr, int len, unsigned int *hashp)
{
*hashp = 0;
if (sunaddr->sun_path[0]) {
- /*
- * This may look like an off by one error but it is a bit more
- * subtle. 108 is the longest valid AF_UNIX path for a binding.
- * sun_path[108] doesn't as such exist. However in kernel space
- * we are guaranteed that it is a valid memory location in our
- * kernel address buffer.
- */
- ((char *)sunaddr)[len] = 0;
+ unix_mkname_bsd(sunaddr, len);
len = strlen(sunaddr->sun_path) + offsetof(struct sockaddr_un, sun_path) + 1;
return len;
}
@@ -957,13 +963,14 @@ static int unix_release(struct socket *sock)
}
static struct sock *unix_find_bsd(struct net *net, struct sockaddr_un *sunaddr,
- int type)
+ int addr_len, int type)
{
struct inode *inode;
struct path path;
struct sock *sk;
int err;
+ unix_mkname_bsd(sunaddr, addr_len);
err = kern_path(sunaddr->sun_path, LOOKUP_FOLLOW, &path);
if (err)
goto fail;
@@ -1000,8 +1007,9 @@ static struct sock *unix_find_bsd(struct net *net, struct sockaddr_un *sunaddr,
}
static struct sock *unix_find_abstract(struct net *net, struct sockaddr_un *sunaddr,
- int addr_len, int type, unsigned int hash)
+ int addr_len, int type)
{
+ unsigned int hash = unix_hash_fold(csum_partial(sunaddr, addr_len, 0));
struct dentry *dentry;
struct sock *sk;
@@ -1017,14 +1025,14 @@ static struct sock *unix_find_abstract(struct net *net, struct sockaddr_un *suna
}
static struct sock *unix_find_other(struct net *net, struct sockaddr_un *sunaddr,
- int addr_len, int type, unsigned int hash)
+ int addr_len, int type)
{
struct sock *sk;
if (sunaddr->sun_path[0])
- sk = unix_find_bsd(net, sunaddr, type);
+ sk = unix_find_bsd(net, sunaddr, addr_len, type);
else
- sk = unix_find_abstract(net, sunaddr, addr_len, type, hash);
+ sk = unix_find_abstract(net, sunaddr, addr_len, type);
return sk;
}
@@ -1239,7 +1247,6 @@ static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
struct net *net = sock_net(sk);
struct sockaddr_un *sunaddr = (struct sockaddr_un *)addr;
struct sock *other;
- unsigned int hash;
int err;
err = -EINVAL;
@@ -1251,11 +1258,6 @@ static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
if (err)
goto out;
- err = unix_mkname(sunaddr, alen, &hash);
- if (err < 0)
- goto out;
- alen = err;
-
if (test_bit(SOCK_PASSCRED, &sock->flags) && !unix_sk(sk)->addr) {
err = unix_autobind(sk);
if (err)
@@ -1263,7 +1265,7 @@ static int unix_dgram_connect(struct socket *sock, struct sockaddr *addr,
}
restart:
- other = unix_find_other(net, sunaddr, alen, sock->type, hash);
+ other = unix_find_other(net, sunaddr, alen, sock->type);
if (IS_ERR(other)) {
err = PTR_ERR(other);
goto out;
@@ -1357,7 +1359,6 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
struct sock *newsk = NULL;
struct sock *other = NULL;
struct sk_buff *skb = NULL;
- unsigned int hash;
int st;
int err;
long timeo;
@@ -1366,11 +1367,6 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
if (err)
goto out;
- err = unix_mkname(sunaddr, addr_len, &hash);
- if (err < 0)
- goto out;
- addr_len = err;
-
if (test_bit(SOCK_PASSCRED, &sock->flags) && !u->addr) {
err = unix_autobind(sk);
if (err)
@@ -1401,7 +1397,7 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
restart:
/* Find listening sock. */
- other = unix_find_other(net, sunaddr, addr_len, sk->sk_type, hash);
+ other = unix_find_other(net, sunaddr, addr_len, sk->sk_type);
if (IS_ERR(other)) {
err = PTR_ERR(other);
other = NULL;
@@ -1799,9 +1795,7 @@ static int unix_dgram_sendmsg(struct socket *sock, struct msghdr *msg,
struct unix_sock *u = unix_sk(sk);
DECLARE_SOCKADDR(struct sockaddr_un *, sunaddr, msg->msg_name);
struct sock *other = NULL;
- int namelen = 0; /* fake GCC */
int err;
- unsigned int hash;
struct sk_buff *skb;
long timeo;
struct scm_cookie scm;
@@ -1821,11 +1815,6 @@ static int unix_dgram_sendmsg(struct socket *sock, struct msghdr *msg,
err = unix_validate_addr(sunaddr, msg->msg_namelen);
if (err)
goto out;
-
- err = unix_mkname(sunaddr, msg->msg_namelen, &hash);
- if (err < 0)
- goto out;
- namelen = err;
} else {
sunaddr = NULL;
err = -ENOTCONN;
@@ -1878,7 +1867,7 @@ static int unix_dgram_sendmsg(struct socket *sock, struct msghdr *msg,
if (sunaddr == NULL)
goto out_free;
- other = unix_find_other(net, sunaddr, namelen, sk->sk_type, hash);
+ other = unix_find_other(net, sunaddr, msg->msg_namelen, sk->sk_type);
if (IS_ERR(other)) {
err = PTR_ERR(other);
other = NULL;
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 07/13] af_unix: Remove unix_mkname().
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
` (5 preceding siblings ...)
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 06/13] af_unix: Copy unix_mkname() into unix_find_(bsd|abstract)() Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 08/13] af_unix: Allocate unix_address in unix_bind_(bsd|abstract)() Kuniyuki Iwashima
` (5 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
This patch removes unix_mkname() and postpones calculating a hash to
unix_bind_abstract(). Some BSD stuffs still remain in unix_bind()
though, the next patch packs them into unix_bind_bsd().
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 32 ++++++++++----------------------
1 file changed, 10 insertions(+), 22 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index c39bcb41f490..4b56979870dd 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -252,20 +252,6 @@ static void unix_mkname_bsd(struct sockaddr_un *sunaddr, int addr_len)
((char *)sunaddr)[addr_len] = 0;
}
-static int unix_mkname(struct sockaddr_un *sunaddr, int len, unsigned int *hashp)
-{
- *hashp = 0;
-
- if (sunaddr->sun_path[0]) {
- unix_mkname_bsd(sunaddr, len);
- len = strlen(sunaddr->sun_path) + offsetof(struct sockaddr_un, sun_path) + 1;
- return len;
- }
-
- *hashp = unix_hash_fold(csum_partial(sunaddr, len, 0));
- return len;
-}
-
static void __unix_remove_socket(struct sock *sk)
{
sk_del_node_init(sk);
@@ -1163,6 +1149,9 @@ static int unix_bind_abstract(struct sock *sk, struct unix_address *addr)
return -EINVAL;
}
+ addr->hash = unix_hash_fold(csum_partial(addr->name, addr->len, 0));
+ addr->hash ^= sk->sk_type;
+
spin_lock(&unix_table_lock);
if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len,
addr->hash)) {
@@ -1178,12 +1167,11 @@ static int unix_bind_abstract(struct sock *sk, struct unix_address *addr)
static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
{
- struct sock *sk = sock->sk;
struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
char *sun_path = sunaddr->sun_path;
- int err;
- unsigned int hash;
+ struct sock *sk = sock->sk;
struct unix_address *addr;
+ int err;
if (addr_len == offsetof(struct sockaddr_un, sun_path) &&
sunaddr->sun_family == AF_UNIX)
@@ -1193,17 +1181,17 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
if (err)
return err;
- err = unix_mkname(sunaddr, addr_len, &hash);
- if (err < 0)
- return err;
- addr_len = err;
+ if (sun_path[0]) {
+ unix_mkname_bsd(sunaddr, addr_len);
+ addr_len = strlen(sunaddr->sun_path) + offsetof(struct sockaddr_un, sun_path) + 1;
+ }
+
addr = kmalloc(sizeof(*addr)+addr_len, GFP_KERNEL);
if (!addr)
return -ENOMEM;
memcpy(addr->name, sunaddr, addr_len);
addr->len = addr_len;
- addr->hash = hash ^ sk->sk_type;
refcount_set(&addr->refcnt, 1);
if (sun_path[0])
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 08/13] af_unix: Allocate unix_address in unix_bind_(bsd|abstract)().
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
` (6 preceding siblings ...)
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 07/13] af_unix: Remove unix_mkname() Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 09/13] af_unix: Remove UNIX_ABSTRACT() macro and test sun_path[0] instead Kuniyuki Iwashima
` (4 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
To terminate address with '\0' in unix_bind_bsd(), we add
unix_create_addr() and call it in unix_bind_bsd() and unix_bind_abstract().
Also, unix_bind_abstract() does not return -EEXIST. Only
kern_path_create() and vfs_mknod() in unix_bind_bsd() can return it,
so we move the last error check in unix_bind() to unix_bind_bsd().
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 103 +++++++++++++++++++++++++++------------------
1 file changed, 63 insertions(+), 40 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 4b56979870dd..8e065c1f00ff 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -214,6 +214,21 @@ struct sock *unix_peer_get(struct sock *s)
}
EXPORT_SYMBOL_GPL(unix_peer_get);
+static struct unix_address *unix_create_addr(struct sockaddr_un *sunaddr, int addr_len)
+{
+ struct unix_address *addr;
+
+ addr = kmalloc(sizeof(*addr) + addr_len, GFP_KERNEL);
+ if (!addr)
+ return NULL;
+
+ refcount_set(&addr->refcnt, 1);
+ addr->len = addr_len;
+ memcpy(addr->name, sunaddr, addr_len);
+
+ return addr;
+}
+
static inline void unix_release_addr(struct unix_address *addr)
{
if (refcount_dec_and_test(&addr->refcnt))
@@ -1079,34 +1094,44 @@ out: mutex_unlock(&u->bindlock);
return err;
}
-static int unix_bind_bsd(struct sock *sk, struct unix_address *addr)
+static int unix_bind_bsd(struct sock *sk, struct sockaddr_un *sunaddr, int addr_len)
{
- struct unix_sock *u = unix_sk(sk);
umode_t mode = S_IFSOCK |
(SOCK_INODE(sk->sk_socket)->i_mode & ~current_umask());
+ struct unix_sock *u = unix_sk(sk);
struct user_namespace *ns; // barf...
- struct path parent;
+ struct unix_address *addr;
struct dentry *dentry;
+ struct path parent;
unsigned int hash;
int err;
+ unix_mkname_bsd(sunaddr, addr_len);
+ addr_len = strlen(sunaddr->sun_path) + offsetof(struct sockaddr_un, sun_path) + 1;
+
+ addr = unix_create_addr(sunaddr, addr_len);
+ if (!addr)
+ return -ENOMEM;
+
/*
* Get the parent directory, calculate the hash for last
* component.
*/
dentry = kern_path_create(AT_FDCWD, addr->name->sun_path, &parent, 0);
- if (IS_ERR(dentry))
- return PTR_ERR(dentry);
- ns = mnt_user_ns(parent.mnt);
+ if (IS_ERR(dentry)) {
+ err = PTR_ERR(dentry);
+ goto out;
+ }
/*
* All right, let's create it.
*/
+ ns = mnt_user_ns(parent.mnt);
err = security_path_mknod(&parent, dentry, mode, 0);
if (!err)
err = vfs_mknod(ns, d_inode(parent.dentry), dentry, mode, 0);
if (err)
- goto out;
+ goto out_path;
err = mutex_lock_interruptible(&u->bindlock);
if (err)
goto out_unlink;
@@ -1130,47 +1155,59 @@ static int unix_bind_bsd(struct sock *sk, struct unix_address *addr)
out_unlink:
/* failed after successful mknod? unlink what we'd created... */
vfs_unlink(ns, d_inode(parent.dentry), dentry, NULL);
-out:
+out_path:
done_path_create(&parent, dentry);
- return err;
+out:
+ unix_release_addr(addr);
+ return err == -EEXIST ? -EADDRINUSE : err;
}
-static int unix_bind_abstract(struct sock *sk, struct unix_address *addr)
+static int unix_bind_abstract(struct sock *sk, struct sockaddr_un *sunaddr, int addr_len)
{
struct unix_sock *u = unix_sk(sk);
+ struct unix_address *addr;
int err;
+ addr = unix_create_addr(sunaddr, addr_len);
+ if (!addr)
+ return -ENOMEM;
+
err = mutex_lock_interruptible(&u->bindlock);
if (err)
- return err;
+ goto out;
if (u->addr) {
- mutex_unlock(&u->bindlock);
- return -EINVAL;
+ err = -EINVAL;
+ goto out_mutex;
}
addr->hash = unix_hash_fold(csum_partial(addr->name, addr->len, 0));
addr->hash ^= sk->sk_type;
spin_lock(&unix_table_lock);
- if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len,
- addr->hash)) {
- spin_unlock(&unix_table_lock);
- mutex_unlock(&u->bindlock);
- return -EADDRINUSE;
- }
+
+ if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len, addr->hash))
+ goto out_spin;
+
__unix_set_addr(sk, addr, addr->hash);
spin_unlock(&unix_table_lock);
mutex_unlock(&u->bindlock);
return 0;
+
+out_spin:
+ spin_unlock(&unix_table_lock);
+ err = -EADDRINUSE;
+out_mutex:
+ mutex_unlock(&u->bindlock);
+out:
+ unix_release_addr(addr);
+ return err;
}
static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
{
struct sockaddr_un *sunaddr = (struct sockaddr_un *)uaddr;
- char *sun_path = sunaddr->sun_path;
struct sock *sk = sock->sk;
- struct unix_address *addr;
int err;
if (addr_len == offsetof(struct sockaddr_un, sun_path) &&
@@ -1181,26 +1218,12 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
if (err)
return err;
- if (sun_path[0]) {
- unix_mkname_bsd(sunaddr, addr_len);
- addr_len = strlen(sunaddr->sun_path) + offsetof(struct sockaddr_un, sun_path) + 1;
- }
-
- addr = kmalloc(sizeof(*addr)+addr_len, GFP_KERNEL);
- if (!addr)
- return -ENOMEM;
-
- memcpy(addr->name, sunaddr, addr_len);
- addr->len = addr_len;
- refcount_set(&addr->refcnt, 1);
-
- if (sun_path[0])
- err = unix_bind_bsd(sk, addr);
+ if (sunaddr->sun_path[0])
+ err = unix_bind_bsd(sk, sunaddr, addr_len);
else
- err = unix_bind_abstract(sk, addr);
- if (err)
- unix_release_addr(addr);
- return err == -EEXIST ? -EADDRINUSE : err;
+ err = unix_bind_abstract(sk, sunaddr, addr_len);
+
+ return err;
}
static void unix_state_double_lock(struct sock *sk1, struct sock *sk2)
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 09/13] af_unix: Remove UNIX_ABSTRACT() macro and test sun_path[0] instead.
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
` (7 preceding siblings ...)
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 08/13] af_unix: Allocate unix_address in unix_bind_(bsd|abstract)() Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 10/13] af_unix: Add helpers to calculate hashes Kuniyuki Iwashima
` (3 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
In BSD and abstract address cases, we store sockets in the hash table with
keys between 0 and UNIX_HASH_SIZE - 1. However, the hash saved in a socket
varies depending on its address type; sockets with BSD addresses always
have UNIX_HASH_SIZE in their unix_sk(sk)->addr->hash.
This is just for the UNIX_ABSTRACT() macro used to check the address type.
The difference of the saved hashes comes from the first byte of the address
in the first place. So, we can test it directly.
Then we can keep a real hash in each socket and replace unix_table_lock
with per-hash locks in the later patch.
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 4 +---
tools/testing/selftests/bpf/progs/bpf_iter_unix.c | 2 +-
tools/testing/selftests/bpf/progs/bpf_tracing_net.h | 2 --
tools/testing/selftests/bpf/progs/test_skc_to_unix_sock.c | 2 +-
4 files changed, 3 insertions(+), 7 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 8e065c1f00ff..16a41dc1ee3e 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -134,8 +134,6 @@ static struct hlist_head *unix_sockets_unbound(void *addr)
return &unix_socket_table[UNIX_HASH_SIZE + hash];
}
-#define UNIX_ABSTRACT(sk) (unix_sk(sk)->addr->hash < UNIX_HASH_SIZE)
-
#ifdef CONFIG_SECURITY_NETWORK
static void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb)
{
@@ -3283,7 +3281,7 @@ static int unix_seq_show(struct seq_file *seq, void *v)
i = 0;
len = u->addr->len - offsetof(struct sockaddr_un, sun_path);
- if (!UNIX_ABSTRACT(s))
+ if (u->addr->name->sun_path[0])
len--;
else {
seq_putc(seq, '@');
diff --git a/tools/testing/selftests/bpf/progs/bpf_iter_unix.c b/tools/testing/selftests/bpf/progs/bpf_iter_unix.c
index 94423902685d..c21e3f545371 100644
--- a/tools/testing/selftests/bpf/progs/bpf_iter_unix.c
+++ b/tools/testing/selftests/bpf/progs/bpf_iter_unix.c
@@ -49,7 +49,7 @@ int dump_unix(struct bpf_iter__unix *ctx)
sock_i_ino(sk));
if (unix_sk->addr) {
- if (!UNIX_ABSTRACT(unix_sk)) {
+ if (unix_sk->addr->name->sun_path[0]) {
BPF_SEQ_PRINTF(seq, " %s", unix_sk->addr->name->sun_path);
} else {
/* The name of the abstract UNIX domain socket starts
diff --git a/tools/testing/selftests/bpf/progs/bpf_tracing_net.h b/tools/testing/selftests/bpf/progs/bpf_tracing_net.h
index eef5646ddb19..e0f42601be9b 100644
--- a/tools/testing/selftests/bpf/progs/bpf_tracing_net.h
+++ b/tools/testing/selftests/bpf/progs/bpf_tracing_net.h
@@ -6,8 +6,6 @@
#define AF_INET6 10
#define __SO_ACCEPTCON (1 << 16)
-#define UNIX_HASH_SIZE 256
-#define UNIX_ABSTRACT(unix_sk) (unix_sk->addr->hash < UNIX_HASH_SIZE)
#define SOL_TCP 6
#define TCP_CONGESTION 13
diff --git a/tools/testing/selftests/bpf/progs/test_skc_to_unix_sock.c b/tools/testing/selftests/bpf/progs/test_skc_to_unix_sock.c
index a408ec95cba4..eacda9fe07eb 100644
--- a/tools/testing/selftests/bpf/progs/test_skc_to_unix_sock.c
+++ b/tools/testing/selftests/bpf/progs/test_skc_to_unix_sock.c
@@ -23,7 +23,7 @@ int BPF_PROG(unix_listen, struct socket *sock, int backlog)
if (!unix_sk)
return 0;
- if (!UNIX_ABSTRACT(unix_sk))
+ if (unix_sk->addr->name->sun_path[0])
return 0;
len = unix_sk->addr->len - sizeof(short);
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 10/13] af_unix: Add helpers to calculate hashes.
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
` (8 preceding siblings ...)
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 09/13] af_unix: Remove UNIX_ABSTRACT() macro and test sun_path[0] instead Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 11/13] af_unix: Save hash in sk_hash Kuniyuki Iwashima
` (2 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
This patch adds three helper functions that calculate hashes for unbound
sockets and bound sockets with BSD/abstract addresses.
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 63 +++++++++++++++++++++++++---------------------
1 file changed, 34 insertions(+), 29 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 16a41dc1ee3e..f1fb9b6fe009 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -123,15 +123,37 @@ DEFINE_SPINLOCK(unix_table_lock);
EXPORT_SYMBOL_GPL(unix_table_lock);
static atomic_long_t unix_nr_socks;
+/* SMP locking strategy:
+ * hash table is protected with spinlock unix_table_lock
+ * each socket state is protected by separate spin lock.
+ */
-static struct hlist_head *unix_sockets_unbound(void *addr)
+static unsigned int unix_unbound_hash(struct sock *sk)
{
- unsigned long hash = (unsigned long)addr;
+ unsigned long hash = (unsigned long)sk;
hash ^= hash >> 16;
hash ^= hash >> 8;
- hash %= UNIX_HASH_SIZE;
- return &unix_socket_table[UNIX_HASH_SIZE + hash];
+ hash ^= sk->sk_type;
+
+ return UNIX_HASH_SIZE + (hash & (UNIX_HASH_SIZE - 1));
+}
+
+static unsigned int unix_bsd_hash(struct inode *i)
+{
+ return i->i_ino & (UNIX_HASH_SIZE - 1);
+}
+
+static unsigned int unix_abstract_hash(struct sockaddr_un *sunaddr,
+ int addr_len, int type)
+{
+ unsigned int hash;
+
+ hash = (__force unsigned int)csum_fold(csum_partial(sunaddr, addr_len, 0));
+ hash ^= hash >> 8;
+ hash ^= type;
+
+ return hash & (UNIX_HASH_SIZE - 1);
}
#ifdef CONFIG_SECURITY_NETWORK
@@ -162,20 +184,6 @@ static inline bool unix_secdata_eq(struct scm_cookie *scm, struct sk_buff *skb)
}
#endif /* CONFIG_SECURITY_NETWORK */
-/*
- * SMP locking strategy:
- * hash table is protected with spinlock unix_table_lock
- * each socket state is protected by separate spin lock.
- */
-
-static inline unsigned int unix_hash_fold(__wsum n)
-{
- unsigned int hash = (__force unsigned int)csum_fold(n);
-
- hash ^= hash>>8;
- return hash&(UNIX_HASH_SIZE-1);
-}
-
#define unix_peer(sk) (unix_sk(sk)->peer)
static inline int unix_our_peer(struct sock *sk, struct sock *osk)
@@ -333,11 +341,11 @@ static inline struct sock *unix_find_socket_byname(struct net *net,
static struct sock *unix_find_socket_byinode(struct inode *i)
{
+ unsigned int hash = unix_bsd_hash(i);
struct sock *s;
spin_lock(&unix_table_lock);
- sk_for_each(s,
- &unix_socket_table[i->i_ino & (UNIX_HASH_SIZE - 1)]) {
+ sk_for_each(s, &unix_socket_table[hash]) {
struct dentry *dentry = unix_sk(s)->path.dentry;
if (dentry && d_backing_inode(dentry) == i) {
@@ -898,7 +906,7 @@ static struct sock *unix_create1(struct net *net, struct socket *sock, int kern,
init_waitqueue_head(&u->peer_wait);
init_waitqueue_func_entry(&u->peer_wake, unix_dgram_peer_wake_relay);
memset(&u->scm_stat, 0, sizeof(struct scm_stat));
- unix_insert_socket(unix_sockets_unbound(sk), sk);
+ unix_insert_socket(&unix_socket_table[unix_unbound_hash(sk)], sk);
sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1);
@@ -1008,11 +1016,11 @@ static struct sock *unix_find_bsd(struct net *net, struct sockaddr_un *sunaddr,
static struct sock *unix_find_abstract(struct net *net, struct sockaddr_un *sunaddr,
int addr_len, int type)
{
- unsigned int hash = unix_hash_fold(csum_partial(sunaddr, addr_len, 0));
+ unsigned int hash = unix_abstract_hash(sunaddr, addr_len, type);
struct dentry *dentry;
struct sock *sk;
- sk = unix_find_socket_byname(net, sunaddr, addr_len, type ^ hash);
+ sk = unix_find_socket_byname(net, sunaddr, addr_len, hash);
if (!sk)
return ERR_PTR(-ECONNREFUSED);
@@ -1062,8 +1070,7 @@ static int unix_autobind(struct sock *sk)
retry:
addr->len = sprintf(addr->name->sun_path + 1, "%05x", ordernum) +
offsetof(struct sockaddr_un, sun_path) + 1;
- addr->hash = unix_hash_fold(csum_partial(addr->name, addr->len, 0));
- addr->hash ^= sk->sk_type;
+ addr->hash = unix_abstract_hash(addr->name, addr->len, sk->sk_type);
spin_lock(&unix_table_lock);
ordernum = (ordernum+1)&0xFFFFF;
@@ -1137,7 +1144,7 @@ static int unix_bind_bsd(struct sock *sk, struct sockaddr_un *sunaddr, int addr_
goto out_unlock;
addr->hash = UNIX_HASH_SIZE;
- hash = d_backing_inode(dentry)->i_ino & (UNIX_HASH_SIZE - 1);
+ hash = unix_bsd_hash(d_backing_inode(dentry));
spin_lock(&unix_table_lock);
u->path.mnt = mntget(parent.mnt);
u->path.dentry = dget(dentry);
@@ -1179,9 +1186,7 @@ static int unix_bind_abstract(struct sock *sk, struct sockaddr_un *sunaddr, int
goto out_mutex;
}
- addr->hash = unix_hash_fold(csum_partial(addr->name, addr->len, 0));
- addr->hash ^= sk->sk_type;
-
+ addr->hash = unix_abstract_hash(addr->name, addr->len, sk->sk_type);
spin_lock(&unix_table_lock);
if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len, addr->hash))
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 11/13] af_unix: Save hash in sk_hash.
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
` (9 preceding siblings ...)
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 10/13] af_unix: Add helpers to calculate hashes Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 12/13] af_unix: Replace the big lock with small locks Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 13/13] af_unix: Relax race in unix_autobind() Kuniyuki Iwashima
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
To replace unix_table_lock with per-hash locks in the next patch, we need
to save a hash in each socket because /proc/net/unix or BPF prog iterate
sockets while holding a hash table lock and release it later in a different
function.
Currently, we store a real/pseudo hash in struct unix_address. However, we
do not allocate it to unbound sockets, nor should we do just for that. For
this purpose, we can use sk_hash. Then, we no longer use the hash field in
struct unix_address and can remove it.
Also, this patch does
- rename unix_insert_socket() to unix_insert_unbound_socket()
- remove the redundant list argument from __unix_insert_socket() and
unix_insert_unbound_socket()
- use 'unsigned int' instead of 'unsigned' in __unix_set_addr_hash()
- remove 'inline' from unix_remove_socket() and
unix_insert_unbound_socket().
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
include/net/af_unix.h | 1 -
net/unix/af_unix.c | 41 ++++++++++++++++++++++-------------------
2 files changed, 22 insertions(+), 20 deletions(-)
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index 7d142e8a0550..89049cc6c066 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -26,7 +26,6 @@ extern struct hlist_head unix_socket_table[2 * UNIX_HASH_SIZE];
struct unix_address {
refcount_t refcnt;
int len;
- unsigned int hash;
struct sockaddr_un name[];
};
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index f1fb9b6fe009..7d28d0018727 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -278,31 +278,32 @@ static void __unix_remove_socket(struct sock *sk)
sk_del_node_init(sk);
}
-static void __unix_insert_socket(struct hlist_head *list, struct sock *sk)
+static void __unix_insert_socket(struct sock *sk)
{
WARN_ON(!sk_unhashed(sk));
- sk_add_node(sk, list);
+ sk_add_node(sk, &unix_socket_table[sk->sk_hash]);
}
-static void __unix_set_addr(struct sock *sk, struct unix_address *addr,
- unsigned hash)
+static void __unix_set_addr_hash(struct sock *sk, struct unix_address *addr,
+ unsigned int hash)
{
__unix_remove_socket(sk);
+ sk->sk_hash = hash;
smp_store_release(&unix_sk(sk)->addr, addr);
- __unix_insert_socket(&unix_socket_table[hash], sk);
+ __unix_insert_socket(sk);
}
-static inline void unix_remove_socket(struct sock *sk)
+static void unix_remove_socket(struct sock *sk)
{
spin_lock(&unix_table_lock);
__unix_remove_socket(sk);
spin_unlock(&unix_table_lock);
}
-static inline void unix_insert_socket(struct hlist_head *list, struct sock *sk)
+static void unix_insert_unbound_socket(struct sock *sk)
{
spin_lock(&unix_table_lock);
- __unix_insert_socket(list, sk);
+ __unix_insert_socket(sk);
spin_unlock(&unix_table_lock);
}
@@ -891,6 +892,7 @@ static struct sock *unix_create1(struct net *net, struct socket *sock, int kern,
sock_init_data(sock, sk);
+ sk->sk_hash = unix_unbound_hash(sk);
sk->sk_allocation = GFP_KERNEL_ACCOUNT;
sk->sk_write_space = unix_write_space;
sk->sk_max_ack_backlog = net->unx.sysctl_max_dgram_qlen;
@@ -906,7 +908,7 @@ static struct sock *unix_create1(struct net *net, struct socket *sock, int kern,
init_waitqueue_head(&u->peer_wait);
init_waitqueue_func_entry(&u->peer_wake, unix_dgram_peer_wake_relay);
memset(&u->scm_stat, 0, sizeof(struct scm_stat));
- unix_insert_socket(&unix_socket_table[unix_unbound_hash(sk)], sk);
+ unix_insert_unbound_socket(sk);
sock_prot_inuse_add(sock_net(sk), sk->sk_prot, 1);
@@ -1050,6 +1052,7 @@ static int unix_autobind(struct sock *sk)
struct unix_address *addr;
unsigned int retries = 0;
static u32 ordernum = 1;
+ unsigned int new_hash;
int err;
err = mutex_lock_interruptible(&u->bindlock);
@@ -1070,12 +1073,12 @@ static int unix_autobind(struct sock *sk)
retry:
addr->len = sprintf(addr->name->sun_path + 1, "%05x", ordernum) +
offsetof(struct sockaddr_un, sun_path) + 1;
- addr->hash = unix_abstract_hash(addr->name, addr->len, sk->sk_type);
+ new_hash = unix_abstract_hash(addr->name, addr->len, sk->sk_type);
spin_lock(&unix_table_lock);
ordernum = (ordernum+1)&0xFFFFF;
- if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len, addr->hash)) {
+ if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len, new_hash)) {
spin_unlock(&unix_table_lock);
/*
* __unix_find_socket_byname() may take long time if many names
@@ -1091,7 +1094,7 @@ static int unix_autobind(struct sock *sk)
goto retry;
}
- __unix_set_addr(sk, addr, addr->hash);
+ __unix_set_addr_hash(sk, addr, new_hash);
spin_unlock(&unix_table_lock);
err = 0;
@@ -1106,9 +1109,9 @@ static int unix_bind_bsd(struct sock *sk, struct sockaddr_un *sunaddr, int addr_
struct unix_sock *u = unix_sk(sk);
struct user_namespace *ns; // barf...
struct unix_address *addr;
+ unsigned int new_hash;
struct dentry *dentry;
struct path parent;
- unsigned int hash;
int err;
unix_mkname_bsd(sunaddr, addr_len);
@@ -1143,12 +1146,11 @@ static int unix_bind_bsd(struct sock *sk, struct sockaddr_un *sunaddr, int addr_
if (u->addr)
goto out_unlock;
- addr->hash = UNIX_HASH_SIZE;
- hash = unix_bsd_hash(d_backing_inode(dentry));
+ new_hash = unix_bsd_hash(d_backing_inode(dentry));
spin_lock(&unix_table_lock);
u->path.mnt = mntget(parent.mnt);
u->path.dentry = dget(dentry);
- __unix_set_addr(sk, addr, hash);
+ __unix_set_addr_hash(sk, addr, new_hash);
spin_unlock(&unix_table_lock);
mutex_unlock(&u->bindlock);
done_path_create(&parent, dentry);
@@ -1171,6 +1173,7 @@ static int unix_bind_abstract(struct sock *sk, struct sockaddr_un *sunaddr, int
{
struct unix_sock *u = unix_sk(sk);
struct unix_address *addr;
+ unsigned int new_hash;
int err;
addr = unix_create_addr(sunaddr, addr_len);
@@ -1186,13 +1189,13 @@ static int unix_bind_abstract(struct sock *sk, struct sockaddr_un *sunaddr, int
goto out_mutex;
}
- addr->hash = unix_abstract_hash(addr->name, addr->len, sk->sk_type);
+ new_hash = unix_abstract_hash(addr->name, addr->len, sk->sk_type);
spin_lock(&unix_table_lock);
- if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len, addr->hash))
+ if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len, new_hash))
goto out_spin;
- __unix_set_addr(sk, addr, addr->hash);
+ __unix_set_addr_hash(sk, addr, new_hash);
spin_unlock(&unix_table_lock);
mutex_unlock(&u->bindlock);
return 0;
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 12/13] af_unix: Replace the big lock with small locks.
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
` (10 preceding siblings ...)
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 11/13] af_unix: Save hash in sk_hash Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 13/13] af_unix: Relax race in unix_autobind() Kuniyuki Iwashima
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
The hash table of AF_UNIX sockets is protected by the single lock. This
patch replaces it with per-hash locks.
The effect is noticeable when we handle multiple sockets simultaneously.
Here is a test result on an EC2 c5.24xlarge instance. It shows latency
(under 10us only) in unix_insert_unbound_socket() while 64 CPUs creating
1024 sockets for each in parallel.
Without this patch:
nsec : count distribution
0 : 179 | |
500 : 3021 |********* |
1000 : 6271 |******************* |
1500 : 6318 |******************* |
2000 : 5828 |***************** |
2500 : 5124 |*************** |
3000 : 4426 |************* |
3500 : 3672 |*********** |
4000 : 3138 |********* |
4500 : 2811 |******** |
5000 : 2384 |******* |
5500 : 2023 |****** |
6000 : 1954 |***** |
6500 : 1737 |***** |
7000 : 1749 |***** |
7500 : 1520 |**** |
8000 : 1469 |**** |
8500 : 1394 |**** |
9000 : 1232 |*** |
9500 : 1138 |*** |
10000 : 994 |*** |
With this patch:
nsec : count distribution
0 : 1634 |**** |
500 : 13170 |****************************************|
1000 : 13156 |*************************************** |
1500 : 9010 |*************************** |
2000 : 6363 |******************* |
2500 : 4443 |************* |
3000 : 3240 |********* |
3500 : 2549 |******* |
4000 : 1872 |***** |
4500 : 1504 |**** |
5000 : 1247 |*** |
5500 : 1035 |*** |
6000 : 889 |** |
6500 : 744 |** |
7000 : 634 |* |
7500 : 498 |* |
8000 : 433 |* |
8500 : 355 |* |
9000 : 336 |* |
9500 : 284 | |
10000 : 243 | |
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
include/net/af_unix.h | 2 +-
net/unix/af_unix.c | 98 ++++++++++++++++++++++++++-----------------
net/unix/diag.c | 20 ++++-----
3 files changed, 71 insertions(+), 49 deletions(-)
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index 89049cc6c066..a7ef624ed726 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -20,7 +20,7 @@ struct sock *unix_peer_get(struct sock *sk);
#define UNIX_HASH_BITS 8
extern unsigned int unix_tot_inflight;
-extern spinlock_t unix_table_lock;
+extern spinlock_t unix_table_locks[2 * UNIX_HASH_SIZE];
extern struct hlist_head unix_socket_table[2 * UNIX_HASH_SIZE];
struct unix_address {
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 7d28d0018727..77334815bc3d 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -117,14 +117,14 @@
#include "scm.h"
+spinlock_t unix_table_locks[2 * UNIX_HASH_SIZE];
+EXPORT_SYMBOL_GPL(unix_table_locks);
struct hlist_head unix_socket_table[2 * UNIX_HASH_SIZE];
EXPORT_SYMBOL_GPL(unix_socket_table);
-DEFINE_SPINLOCK(unix_table_lock);
-EXPORT_SYMBOL_GPL(unix_table_lock);
static atomic_long_t unix_nr_socks;
/* SMP locking strategy:
- * hash table is protected with spinlock unix_table_lock
+ * hash table is protected with spinlock unix_table_locks
* each socket state is protected by separate spin lock.
*/
@@ -156,6 +156,25 @@ static unsigned int unix_abstract_hash(struct sockaddr_un *sunaddr,
return hash & (UNIX_HASH_SIZE - 1);
}
+static void unix_table_double_lock(unsigned int hash1, unsigned int hash2)
+{
+ /* hash1 and hash2 is never the same because
+ * one is between 0 and UNIX_HASH_SIZE - 1, and
+ * another is between UNIX_HASH_SIZE and UNIX_HASH_SIZE * 2.
+ */
+ if (hash1 > hash2)
+ swap(hash1, hash2);
+
+ spin_lock(&unix_table_locks[hash1]);
+ spin_lock_nested(&unix_table_locks[hash2], SINGLE_DEPTH_NESTING);
+}
+
+static void unix_table_double_unlock(unsigned int hash1, unsigned int hash2)
+{
+ spin_unlock(&unix_table_locks[hash1]);
+ spin_unlock(&unix_table_locks[hash2]);
+}
+
#ifdef CONFIG_SECURITY_NETWORK
static void unix_get_secdata(struct scm_cookie *scm, struct sk_buff *skb)
{
@@ -295,16 +314,16 @@ static void __unix_set_addr_hash(struct sock *sk, struct unix_address *addr,
static void unix_remove_socket(struct sock *sk)
{
- spin_lock(&unix_table_lock);
+ spin_lock(&unix_table_locks[sk->sk_hash]);
__unix_remove_socket(sk);
- spin_unlock(&unix_table_lock);
+ spin_unlock(&unix_table_locks[sk->sk_hash]);
}
static void unix_insert_unbound_socket(struct sock *sk)
{
- spin_lock(&unix_table_lock);
+ spin_lock(&unix_table_locks[sk->sk_hash]);
__unix_insert_socket(sk);
- spin_unlock(&unix_table_lock);
+ spin_unlock(&unix_table_locks[sk->sk_hash]);
}
static struct sock *__unix_find_socket_byname(struct net *net,
@@ -332,11 +351,11 @@ static inline struct sock *unix_find_socket_byname(struct net *net,
{
struct sock *s;
- spin_lock(&unix_table_lock);
+ spin_lock(&unix_table_locks[hash]);
s = __unix_find_socket_byname(net, sunname, len, hash);
if (s)
sock_hold(s);
- spin_unlock(&unix_table_lock);
+ spin_unlock(&unix_table_locks[hash]);
return s;
}
@@ -345,19 +364,18 @@ static struct sock *unix_find_socket_byinode(struct inode *i)
unsigned int hash = unix_bsd_hash(i);
struct sock *s;
- spin_lock(&unix_table_lock);
+ spin_lock(&unix_table_locks[hash]);
sk_for_each(s, &unix_socket_table[hash]) {
struct dentry *dentry = unix_sk(s)->path.dentry;
if (dentry && d_backing_inode(dentry) == i) {
sock_hold(s);
- goto found;
+ spin_unlock(&unix_table_locks[hash]);
+ return s;
}
}
- s = NULL;
-found:
- spin_unlock(&unix_table_lock);
- return s;
+ spin_unlock(&unix_table_locks[hash]);
+ return NULL;
}
/* Support code for asymmetrically connected dgram sockets
@@ -1048,11 +1066,11 @@ static struct sock *unix_find_other(struct net *net, struct sockaddr_un *sunaddr
static int unix_autobind(struct sock *sk)
{
+ unsigned int new_hash, old_hash = sk->sk_hash;
struct unix_sock *u = unix_sk(sk);
struct unix_address *addr;
unsigned int retries = 0;
static u32 ordernum = 1;
- unsigned int new_hash;
int err;
err = mutex_lock_interruptible(&u->bindlock);
@@ -1075,11 +1093,12 @@ static int unix_autobind(struct sock *sk)
offsetof(struct sockaddr_un, sun_path) + 1;
new_hash = unix_abstract_hash(addr->name, addr->len, sk->sk_type);
- spin_lock(&unix_table_lock);
+ unix_table_double_lock(old_hash, new_hash);
ordernum = (ordernum+1)&0xFFFFF;
if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len, new_hash)) {
- spin_unlock(&unix_table_lock);
+ unix_table_double_unlock(old_hash, new_hash);
+
/*
* __unix_find_socket_byname() may take long time if many names
* are already in use.
@@ -1095,7 +1114,7 @@ static int unix_autobind(struct sock *sk)
}
__unix_set_addr_hash(sk, addr, new_hash);
- spin_unlock(&unix_table_lock);
+ unix_table_double_unlock(old_hash, new_hash);
err = 0;
out: mutex_unlock(&u->bindlock);
@@ -1106,10 +1125,10 @@ static int unix_bind_bsd(struct sock *sk, struct sockaddr_un *sunaddr, int addr_
{
umode_t mode = S_IFSOCK |
(SOCK_INODE(sk->sk_socket)->i_mode & ~current_umask());
+ unsigned int new_hash, old_hash = sk->sk_hash;
struct unix_sock *u = unix_sk(sk);
struct user_namespace *ns; // barf...
struct unix_address *addr;
- unsigned int new_hash;
struct dentry *dentry;
struct path parent;
int err;
@@ -1147,11 +1166,11 @@ static int unix_bind_bsd(struct sock *sk, struct sockaddr_un *sunaddr, int addr_
goto out_unlock;
new_hash = unix_bsd_hash(d_backing_inode(dentry));
- spin_lock(&unix_table_lock);
+ unix_table_double_lock(old_hash, new_hash);
u->path.mnt = mntget(parent.mnt);
u->path.dentry = dget(dentry);
__unix_set_addr_hash(sk, addr, new_hash);
- spin_unlock(&unix_table_lock);
+ unix_table_double_unlock(old_hash, new_hash);
mutex_unlock(&u->bindlock);
done_path_create(&parent, dentry);
return 0;
@@ -1171,9 +1190,9 @@ static int unix_bind_bsd(struct sock *sk, struct sockaddr_un *sunaddr, int addr_
static int unix_bind_abstract(struct sock *sk, struct sockaddr_un *sunaddr, int addr_len)
{
+ unsigned int new_hash, old_hash = sk->sk_hash;
struct unix_sock *u = unix_sk(sk);
struct unix_address *addr;
- unsigned int new_hash;
int err;
addr = unix_create_addr(sunaddr, addr_len);
@@ -1190,18 +1209,18 @@ static int unix_bind_abstract(struct sock *sk, struct sockaddr_un *sunaddr, int
}
new_hash = unix_abstract_hash(addr->name, addr->len, sk->sk_type);
- spin_lock(&unix_table_lock);
+ unix_table_double_lock(old_hash, new_hash);
if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len, new_hash))
goto out_spin;
__unix_set_addr_hash(sk, addr, new_hash);
- spin_unlock(&unix_table_lock);
+ unix_table_double_unlock(old_hash, new_hash);
mutex_unlock(&u->bindlock);
return 0;
out_spin:
- spin_unlock(&unix_table_lock);
+ unix_table_double_unlock(old_hash, new_hash);
err = -EADDRINUSE;
out_mutex:
mutex_unlock(&u->bindlock);
@@ -1507,9 +1526,9 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
*
* The contents of *(otheru->addr) and otheru->path
* are seen fully set up here, since we have found
- * otheru in hash under unix_table_lock. Insertion
+ * otheru in hash under unix_table_locks. Insertion
* into the hash chain we'd found it in had been done
- * in an earlier critical area protected by unix_table_lock,
+ * in an earlier critical area protected by unix_table_locks,
* the same one where we'd set *(otheru->addr) contents,
* as well as otheru->path and otheru->addr itself.
*
@@ -3188,7 +3207,7 @@ static __poll_t unix_dgram_poll(struct file *file, struct socket *sock,
#define BUCKET_SPACE (BITS_PER_LONG - (UNIX_HASH_BITS + 1) - 1)
#define get_bucket(x) ((x) >> BUCKET_SPACE)
-#define get_offset(x) ((x) & ((1L << BUCKET_SPACE) - 1))
+#define get_offset(x) ((x) & ((1UL << BUCKET_SPACE) - 1))
#define set_bucket_offset(b, o) ((b) << BUCKET_SPACE | (o))
static struct sock *unix_from_bucket(struct seq_file *seq, loff_t *pos)
@@ -3212,7 +3231,7 @@ static struct sock *unix_next_socket(struct seq_file *seq,
struct sock *sk,
loff_t *pos)
{
- unsigned long bucket;
+ unsigned long bucket = get_bucket(*pos);
while (sk > (struct sock *)SEQ_START_TOKEN) {
sk = sk_next(sk);
@@ -3223,12 +3242,13 @@ static struct sock *unix_next_socket(struct seq_file *seq,
}
do {
+ spin_lock(&unix_table_locks[bucket]);
sk = unix_from_bucket(seq, pos);
if (sk)
return sk;
next_bucket:
- bucket = get_bucket(*pos) + 1;
+ spin_unlock(&unix_table_locks[bucket++]);
*pos = set_bucket_offset(bucket, 1);
} while (bucket < ARRAY_SIZE(unix_socket_table));
@@ -3236,10 +3256,7 @@ static struct sock *unix_next_socket(struct seq_file *seq,
}
static void *unix_seq_start(struct seq_file *seq, loff_t *pos)
- __acquires(unix_table_lock)
{
- spin_lock(&unix_table_lock);
-
if (!*pos)
return SEQ_START_TOKEN;
@@ -3256,9 +3273,11 @@ static void *unix_seq_next(struct seq_file *seq, void *v, loff_t *pos)
}
static void unix_seq_stop(struct seq_file *seq, void *v)
- __releases(unix_table_lock)
{
- spin_unlock(&unix_table_lock);
+ struct sock *sk = v;
+
+ if (sk)
+ spin_unlock(&unix_table_locks[sk->sk_hash]);
}
static int unix_seq_show(struct seq_file *seq, void *v)
@@ -3283,7 +3302,7 @@ static int unix_seq_show(struct seq_file *seq, void *v)
(s->sk_state == TCP_ESTABLISHED ? SS_CONNECTING : SS_DISCONNECTING),
sock_i_ino(s));
- if (u->addr) { // under unix_table_lock here
+ if (u->addr) { // under unix_table_locks here
int i, len;
seq_putc(seq, ' ');
@@ -3441,10 +3460,13 @@ static void __init bpf_iter_register(void)
static int __init af_unix_init(void)
{
- int rc = -1;
+ int i, rc = -1;
BUILD_BUG_ON(sizeof(struct unix_skb_parms) > sizeof_field(struct sk_buff, cb));
+ for (i = 0; i < 2 * UNIX_HASH_SIZE; i++)
+ spin_lock_init(&unix_table_locks[i]);
+
rc = proto_register(&unix_dgram_proto, 1);
if (rc != 0) {
pr_crit("%s: Cannot create unix_sock SLAB cache!\n", __func__);
diff --git a/net/unix/diag.c b/net/unix/diag.c
index db555f267407..bb0b5ea1655f 100644
--- a/net/unix/diag.c
+++ b/net/unix/diag.c
@@ -13,7 +13,7 @@
static int sk_diag_dump_name(struct sock *sk, struct sk_buff *nlskb)
{
- /* might or might not have unix_table_lock */
+ /* might or might not have unix_table_locks */
struct unix_address *addr = smp_load_acquire(&unix_sk(sk)->addr);
if (!addr)
@@ -204,13 +204,13 @@ static int unix_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
s_slot = cb->args[0];
num = s_num = cb->args[1];
- spin_lock(&unix_table_lock);
for (slot = s_slot;
slot < ARRAY_SIZE(unix_socket_table);
s_num = 0, slot++) {
struct sock *sk;
num = 0;
+ spin_lock(&unix_table_locks[slot]);
sk_for_each(sk, &unix_socket_table[slot]) {
if (!net_eq(sock_net(sk), net))
continue;
@@ -221,14 +221,16 @@ static int unix_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
if (sk_diag_dump(sk, skb, req,
NETLINK_CB(cb->skb).portid,
cb->nlh->nlmsg_seq,
- NLM_F_MULTI) < 0)
+ NLM_F_MULTI) < 0) {
+ spin_unlock(&unix_table_locks[slot]);
goto done;
+ }
next:
num++;
}
+ spin_unlock(&unix_table_locks[slot]);
}
done:
- spin_unlock(&unix_table_lock);
cb->args[0] = slot;
cb->args[1] = num;
@@ -237,21 +239,19 @@ static int unix_diag_dump(struct sk_buff *skb, struct netlink_callback *cb)
static struct sock *unix_lookup_by_ino(unsigned int ino)
{
- int i;
struct sock *sk;
+ int i;
- spin_lock(&unix_table_lock);
for (i = 0; i < ARRAY_SIZE(unix_socket_table); i++) {
+ spin_lock(&unix_table_locks[i]);
sk_for_each(sk, &unix_socket_table[i])
if (ino == sock_i_ino(sk)) {
sock_hold(sk);
- spin_unlock(&unix_table_lock);
-
+ spin_unlock(&unix_table_locks[i]);
return sk;
}
+ spin_unlock(&unix_table_locks[i]);
}
-
- spin_unlock(&unix_table_lock);
return NULL;
}
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH RESEND v2 net-next 13/13] af_unix: Relax race in unix_autobind().
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
` (11 preceding siblings ...)
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 12/13] af_unix: Replace the big lock with small locks Kuniyuki Iwashima
@ 2021-11-22 17:41 ` Kuniyuki Iwashima
12 siblings, 0 replies; 14+ messages in thread
From: Kuniyuki Iwashima @ 2021-11-22 17:41 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski
Cc: Eric Dumazet, Kuniyuki Iwashima, Kuniyuki Iwashima,
Benjamin Herrenschmidt, netdev
When we bind an AF_UNIX socket without a name specified, the kernel selects
an available one from 0x00000 to 0xFFFFF. unix_autobind() starts searching
from a number in the 'static' variable and increments it after acquiring
two locks.
If multiple processes try autobind, they obtain the same lock and check if
a socket in the hash list has the same name. If not, one process uses it,
and all except one end up retrying the _next_ number (actually not, it may
be incremented by the other processes). The more we autobind sockets in
parallel, the longer the latency gets. We can avoid such a race by
searching for a name from a random number.
These show latency in unix_autobind() while 64 CPUs are simultaneously
autobind-ing 1024 sockets for each.
Without this patch:
usec : count distribution
0 : 1176 |*** |
2 : 3655 |*********** |
4 : 4094 |************* |
6 : 3831 |************ |
8 : 3829 |************ |
10 : 3844 |************ |
12 : 3638 |*********** |
14 : 2992 |********* |
16 : 2485 |******* |
18 : 2230 |******* |
20 : 2095 |****** |
22 : 1853 |***** |
24 : 1827 |***** |
26 : 1677 |***** |
28 : 1473 |**** |
30 : 1573 |***** |
32 : 1417 |**** |
34 : 1385 |**** |
36 : 1345 |**** |
38 : 1344 |**** |
40 : 1200 |*** |
With this patch:
usec : count distribution
0 : 1855 |****** |
2 : 6464 |********************* |
4 : 9936 |******************************** |
6 : 12107 |****************************************|
8 : 10441 |********************************** |
10 : 7264 |*********************** |
12 : 4254 |************** |
14 : 2538 |******** |
16 : 1596 |***** |
18 : 1088 |*** |
20 : 800 |** |
22 : 670 |** |
24 : 601 |* |
26 : 562 |* |
28 : 525 |* |
30 : 446 |* |
32 : 378 |* |
34 : 337 |* |
36 : 317 |* |
38 : 314 |* |
40 : 298 | |
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
---
net/unix/af_unix.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 77334815bc3d..8b1e74d0f734 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -1069,8 +1069,7 @@ static int unix_autobind(struct sock *sk)
unsigned int new_hash, old_hash = sk->sk_hash;
struct unix_sock *u = unix_sk(sk);
struct unix_address *addr;
- unsigned int retries = 0;
- static u32 ordernum = 1;
+ u32 lastnum, ordernum;
int err;
err = mutex_lock_interruptible(&u->bindlock);
@@ -1085,31 +1084,34 @@ static int unix_autobind(struct sock *sk)
if (!addr)
goto out;
+ addr->len = offsetof(struct sockaddr_un, sun_path) + 6;
addr->name->sun_family = AF_UNIX;
refcount_set(&addr->refcnt, 1);
+ lastnum = ordernum = prandom_u32();
+ lastnum &= 0xFFFFF;
retry:
- addr->len = sprintf(addr->name->sun_path + 1, "%05x", ordernum) +
- offsetof(struct sockaddr_un, sun_path) + 1;
+ ordernum = (ordernum + 1) & 0xFFFFF;
+ sprintf(addr->name->sun_path + 1, "%05x", ordernum);
new_hash = unix_abstract_hash(addr->name, addr->len, sk->sk_type);
unix_table_double_lock(old_hash, new_hash);
- ordernum = (ordernum+1)&0xFFFFF;
if (__unix_find_socket_byname(sock_net(sk), addr->name, addr->len, new_hash)) {
unix_table_double_unlock(old_hash, new_hash);
- /*
- * __unix_find_socket_byname() may take long time if many names
+ /* __unix_find_socket_byname() may take long time if many names
* are already in use.
*/
cond_resched();
- /* Give up if all names seems to be in use. */
- if (retries++ == 0xFFFFF) {
+
+ if (ordernum == lastnum) {
+ /* Give up if all names seems to be in use. */
err = -ENOSPC;
- kfree(addr);
+ unix_release_addr(addr);
goto out;
}
+
goto retry;
}
--
2.30.2
^ permalink raw reply related [flat|nested] 14+ messages in thread
end of thread, other threads:[~2021-11-22 17:44 UTC | newest]
Thread overview: 14+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-11-22 17:41 [PATCH RESEND v2 net-next 00/13] af_unix: Replace unix_table_lock with per-hash locks Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 01/13] af_unix: Use offsetof() instead of sizeof() Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 02/13] af_unix: Pass struct sock to unix_autobind() Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 03/13] af_unix: Factorise unix_find_other() based on address types Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 04/13] af_unix: Return an error as a pointer in unix_find_other() Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 05/13] af_unix: Cut unix_validate_addr() out of unix_mkname() Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 06/13] af_unix: Copy unix_mkname() into unix_find_(bsd|abstract)() Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 07/13] af_unix: Remove unix_mkname() Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 08/13] af_unix: Allocate unix_address in unix_bind_(bsd|abstract)() Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 09/13] af_unix: Remove UNIX_ABSTRACT() macro and test sun_path[0] instead Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 10/13] af_unix: Add helpers to calculate hashes Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 11/13] af_unix: Save hash in sk_hash Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 12/13] af_unix: Replace the big lock with small locks Kuniyuki Iwashima
2021-11-22 17:41 ` [PATCH RESEND v2 net-next 13/13] af_unix: Relax race in unix_autobind() Kuniyuki Iwashima
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.