From: Hannes Reinecke <hare@suse.de>
To: Sagi Grimberg <sagi@grimberg.me>, Christoph Hellwig <hch@lst.de>
Cc: Keith Busch <kbusch@kernel.org>,
linux-nvme@lists.infradead.org, Chuck Lever <cel@kernel.org>,
kernel-tls-handshake@lists.linux.dev
Subject: Re: [PATCH 13/18] nvmet-tcp: allocate socket file
Date: Wed, 22 Mar 2023 13:07:30 +0100 [thread overview]
Message-ID: <7d9817f0-da10-15e7-dcfb-038f7b3c0972@suse.de> (raw)
In-Reply-To: <8b037b12-86a6-f610-7b56-6d3201b30a25@grimberg.me>
On 3/22/23 12:46, Sagi Grimberg wrote:
>
>
> On 3/21/23 14:43, Hannes Reinecke wrote:
>> When using the TLS upcall we need to allocate a socket file such
>> that the userspace daemon is able to use the socket.
>>
>> Signed-off-by: Hannes Reinecke <hare@suse.de>
>> ---
>> drivers/nvme/target/tcp.c | 49 ++++++++++++++++++++++++++++-----------
>> 1 file changed, 36 insertions(+), 13 deletions(-)
>>
>> diff --git a/drivers/nvme/target/tcp.c b/drivers/nvme/target/tcp.c
>> index 66e8f9fd0ca7..5c43767c5ecd 100644
>> --- a/drivers/nvme/target/tcp.c
>> +++ b/drivers/nvme/target/tcp.c
>> @@ -96,12 +96,14 @@ struct nvmet_tcp_cmd {
>> enum nvmet_tcp_queue_state {
>> NVMET_TCP_Q_CONNECTING,
>> + NVMET_TCP_Q_TLS_HANDSHAKE,
>> NVMET_TCP_Q_LIVE,
>> NVMET_TCP_Q_DISCONNECTING,
>> };
>> struct nvmet_tcp_queue {
>> struct socket *sock;
>> + struct file *sock_file;
>> struct nvmet_tcp_port *port;
>> struct work_struct io_work;
>> struct nvmet_cq nvme_cq;
>> @@ -1455,12 +1457,19 @@ static void
>> nvmet_tcp_release_queue_work(struct work_struct *w)
>> nvmet_sq_destroy(&queue->nvme_sq);
>> cancel_work_sync(&queue->io_work);
>> nvmet_tcp_free_cmd_data_in_buffers(queue);
>> - sock_release(queue->sock);
>> + if (queue->sock_file) {
>> + fput(queue->sock_file);
>
> I don't remember, but does the fput call sock_release
> on the final put? I'd move this into a helper nvmet_tcp_close_sock()
> or something.
>
Yes, it does. (Took me some weeks to figure that out...)
But yeah, we can do a helper.
>> + queue->sock_file = NULL;
>> + queue->sock = NULL;
>
> I always get a bit wary when I see that deallocations are setting
> pointers to NULL.
>
And curiously that's a pattern I commonly use to track invalid accesses.
But that's just personal preference.
>> + } else {
>> + WARN_ON(!queue->sock->ops);
>> + sock_release(queue->sock);
>> + queue->sock = NULL;
>> + }
>> nvmet_tcp_free_cmds(queue);
>> if (queue->hdr_digest || queue->data_digest)
>> nvmet_tcp_free_crypto(queue);
>> ida_free(&nvmet_tcp_queue_ida, queue->idx);
>> -
>> page = virt_to_head_page(queue->pf_cache.va);
>> __page_frag_cache_drain(page, queue->pf_cache.pagecnt_bias);
>> kfree(queue);
>> @@ -1583,7 +1592,7 @@ static int nvmet_tcp_set_queue_sock(struct
>> nvmet_tcp_queue *queue)
>> return ret;
>> }
>> -static int nvmet_tcp_alloc_queue(struct nvmet_tcp_port *port,
>> +static void nvmet_tcp_alloc_queue(struct nvmet_tcp_port *port,
>> struct socket *newsock)
>
> Why is this becoming a void function? This absolutely can fail.
>
Oh, it can fail.
But it's being called as a last call in a 'void' function, so there is
nothing the caller could do with the return value.
And the caller actually just uses the return value to print out a
logging message, so I moved that logging call into nvmet_tcp_alloc_queue()
and made it a 'void' function.
>> {
>> struct nvmet_tcp_queue *queue;
>> @@ -1591,7 +1600,7 @@ static int nvmet_tcp_alloc_queue(struct
>> nvmet_tcp_port *port,
>> queue = kzalloc(sizeof(*queue), GFP_KERNEL);
>> if (!queue)
>> - return -ENOMEM;
>> + return;
>> INIT_WORK(&queue->release_work, nvmet_tcp_release_queue_work);
>> INIT_WORK(&queue->io_work, nvmet_tcp_io_work);
>> @@ -1599,15 +1608,28 @@ static int nvmet_tcp_alloc_queue(struct
>> nvmet_tcp_port *port,
>> queue->port = port;
>> queue->nr_cmds = 0;
>> spin_lock_init(&queue->state_lock);
>> - queue->state = NVMET_TCP_Q_CONNECTING;
>> + if (queue->port->nport->disc_addr.tsas.tcp.sectype ==
>> + NVMF_TCP_SECTYPE_TLS13)
>> + queue->state = NVMET_TCP_Q_TLS_HANDSHAKE;
>> + else
>> + queue->state = NVMET_TCP_Q_CONNECTING;
>> INIT_LIST_HEAD(&queue->free_list);
>> init_llist_head(&queue->resp_list);
>> INIT_LIST_HEAD(&queue->resp_send_list);
>> + if (queue->state == NVMET_TCP_Q_TLS_HANDSHAKE) {
>> + queue->sock_file = sock_alloc_file(queue->sock, O_CLOEXEC,
>> NULL);
>> + if (IS_ERR(queue->sock_file)) {
>> + ret = PTR_ERR(queue->sock_file);
>> + queue->sock_file = NULL;
>> + goto out_free_queue;
>> + }
>> + }
>> +
>> queue->idx = ida_alloc(&nvmet_tcp_queue_ida, GFP_KERNEL);
>> if (queue->idx < 0) {
>> ret = queue->idx;
>> - goto out_free_queue;
>> + goto out_sock;
>> }
>> ret = nvmet_tcp_alloc_cmd(queue, &queue->connect);
>> @@ -1628,7 +1650,7 @@ static int nvmet_tcp_alloc_queue(struct
>> nvmet_tcp_port *port,
>> if (ret)
>> goto out_destroy_sq;
>> - return 0;
>> + return;
>> out_destroy_sq:
>> mutex_lock(&nvmet_tcp_queue_mutex);
>> list_del_init(&queue->queue_list);
>> @@ -1638,9 +1660,14 @@ static int nvmet_tcp_alloc_queue(struct
>> nvmet_tcp_port *port,
>> nvmet_tcp_free_cmd(&queue->connect);
>> out_ida_remove:
>> ida_free(&nvmet_tcp_queue_ida, queue->idx);
>> +out_sock:
>> + if (queue->sock_file)
>> + fput(queue->sock_file);
>> + else
>> + sock_release(queue->sock);
>> out_free_queue:
>> kfree(queue);
>> - return ret;
>> + pr_err("failed to allocate queue");
>
> Can we design this better?
> It looks backwards that this routine deallocates an argument
> coming from the call-site.
>
> I know that this is similar to what happens with kernel_accept
> to some extent. But I would prefer to avoid this pattern if possible.
>
Sure; I just followed precedent here.
But no prob to change it.
Cheers,
Hannes
next prev parent reply other threads:[~2023-03-22 12:07 UTC|newest]
Thread overview: 87+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-21 12:43 [RFC PATCH 00/18] nvme: In-kernel TLS support for TCP Hannes Reinecke
2023-03-21 12:43 ` [PATCH 01/18] nvme-keyring: register '.nvme' keyring Hannes Reinecke
2023-03-21 13:50 ` Sagi Grimberg
2023-03-21 14:11 ` Hannes Reinecke
2023-03-21 12:43 ` [PATCH 02/18] nvme-keyring: define a 'psk' keytype Hannes Reinecke
2023-03-22 8:29 ` Sagi Grimberg
2023-03-22 8:38 ` Hannes Reinecke
2023-03-22 8:49 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 03/18] nvme: add TCP TSAS definitions Hannes Reinecke
2023-03-21 13:46 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 04/18] nvme-tcp: add definitions for TLS cipher suites Hannes Reinecke
2023-03-22 8:18 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 05/18] nvme-tcp: implement recvmsg rx flow for TLS Hannes Reinecke
2023-03-21 13:39 ` Sagi Grimberg
2023-03-21 13:59 ` Hannes Reinecke
2023-03-22 8:01 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 06/18] nvme-tcp: call 'queue->data_ready()' in nvme_tcp_data_ready() Hannes Reinecke
2023-03-21 13:44 ` Sagi Grimberg
2023-03-21 14:09 ` Hannes Reinecke
2023-03-22 0:18 ` Chris Leech
2023-03-22 6:59 ` Hannes Reinecke
2023-03-22 8:12 ` Sagi Grimberg
2023-03-22 8:08 ` Sagi Grimberg
2023-03-22 8:26 ` Hannes Reinecke
2023-03-22 10:13 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 07/18] nvme/tcp: allocate socket file Hannes Reinecke
2023-03-21 13:52 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 08/18] nvme-tcp: enable TLS handshake upcall Hannes Reinecke
2023-03-22 8:45 ` Sagi Grimberg
2023-03-22 9:12 ` Hannes Reinecke
2023-03-22 10:56 ` Sagi Grimberg
2023-03-22 12:54 ` Hannes Reinecke
2023-03-22 13:16 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 09/18] nvme-tcp: add connect option 'tls' Hannes Reinecke
2023-03-22 9:24 ` Sagi Grimberg
2023-03-22 9:59 ` Hannes Reinecke
2023-03-22 10:09 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 10/18] nvme-tcp: fixup send workflow for kTLS Hannes Reinecke
2023-03-22 9:31 ` Sagi Grimberg
2023-03-22 10:08 ` Hannes Reinecke
2023-03-22 11:18 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 11/18] nvme-tcp: control message handling for recvmsg() Hannes Reinecke
2023-03-22 11:33 ` Sagi Grimberg
2023-03-22 11:48 ` Hannes Reinecke
2023-03-22 11:50 ` Sagi Grimberg
2023-03-22 12:17 ` Hannes Reinecke
2023-03-22 12:29 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 12/18] nvmet: make TCP sectype settable via configfs Hannes Reinecke
2023-03-22 11:38 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 13/18] nvmet-tcp: allocate socket file Hannes Reinecke
2023-03-22 11:46 ` Sagi Grimberg
2023-03-22 12:07 ` Hannes Reinecke [this message]
2023-03-21 12:43 ` [PATCH 14/18] security/keys: export key_lookup() Hannes Reinecke
2023-03-21 12:43 ` [PATCH 15/18] nvmet-tcp: enable TLS handshake upcall Hannes Reinecke
2023-03-22 12:13 ` Sagi Grimberg
2023-03-22 12:34 ` Hannes Reinecke
2023-03-22 12:51 ` Sagi Grimberg
2023-03-22 13:47 ` Hannes Reinecke
2023-03-22 15:42 ` Sagi Grimberg
2023-03-22 16:43 ` Hannes Reinecke
2023-03-22 16:49 ` Chuck Lever III
2023-03-23 7:21 ` Sagi Grimberg
2023-03-24 11:29 ` Hannes Reinecke
2023-03-26 7:18 ` Sagi Grimberg
2023-03-27 6:20 ` Hannes Reinecke
2023-03-28 8:44 ` Sagi Grimberg
2023-03-28 9:20 ` Hannes Reinecke
2023-03-28 9:43 ` Sagi Grimberg
2023-03-28 10:04 ` Hannes Reinecke
2023-03-28 13:22 ` Chuck Lever III
2023-03-28 15:29 ` Sagi Grimberg
2023-03-28 15:56 ` Chuck Lever III
2023-03-29 6:33 ` Sagi Grimberg
2023-03-23 7:44 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 16/18] nvmet-tcp: rework sendpage for kTLS Hannes Reinecke
2023-03-22 12:16 ` Sagi Grimberg
2023-03-21 12:43 ` [PATCH 17/18] nvmet-tcp: control messages for recvmsg() Hannes Reinecke
2023-03-21 12:43 ` [PATCH 18/18] nvmet-tcp: peek icreq before starting TLS Hannes Reinecke
2023-03-22 12:24 ` Sagi Grimberg
2023-03-22 12:38 ` Hannes Reinecke
2023-03-21 13:12 ` [RFC PATCH 00/18] nvme: In-kernel TLS support for TCP Sagi Grimberg
2023-03-21 13:30 ` Hannes Reinecke
2023-03-22 8:16 ` Sagi Grimberg
2023-03-22 8:28 ` Hannes Reinecke
2023-03-22 12:53 ` Sagi Grimberg
2023-03-22 15:10 ` Hannes Reinecke
2023-03-22 15:43 ` Sagi Grimberg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7d9817f0-da10-15e7-dcfb-038f7b3c0972@suse.de \
--to=hare@suse.de \
--cc=cel@kernel.org \
--cc=hch@lst.de \
--cc=kbusch@kernel.org \
--cc=kernel-tls-handshake@lists.linux.dev \
--cc=linux-nvme@lists.infradead.org \
--cc=sagi@grimberg.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).