From: Florian Westphal <fw@strlen.de>
To: Peter Zijlstra <peterz@infradead.org>
Cc: Florian Westphal <fw@strlen.de>,
Anatol Pomozov <anatol.pomozov@gmail.com>,
Dmitry Vyukov <dvyukov@google.com>,
paulmck@linux.ibm.com, LKML <linux-kernel@vger.kernel.org>
Subject: Re: seqcount usage in xt_replace_table()
Date: Thu, 10 Jan 2019 15:48:12 +0100 [thread overview]
Message-ID: <20190110144812.mkbokbj2iyryj6lv@breakpoint.cc> (raw)
In-Reply-To: <20190110124123.GA21224@hirez.programming.kicks-ass.net>
Peter Zijlstra <peterz@infradead.org> wrote:
> /*
> * Ensure contents of newinfo are visible before assigning to
> * private.
> */
> smp_wmb();
> table->private = newinfo;
>
> we have:
>
> smp_store_release(&table->private, newinfo);
>
> But what store does that second smp_wmb() order against? The comment:
>
> /* make sure all cpus see new ->private value */
> smp_wmb();
>
> makes no sense what so ever, no smp_*() barrier can provide such
> guarantees.
IIRC I added this at the request of a reviewer of an earlier iteration
of that patch.
IIRC the concern was that compiler/hw could re-order
smb_wmb();
table->private = newinfo;
/* wait until all cpus are done with old table */
into:
smb_wmb();
/* wait until all cpus are done with old table */
...
table->private = newinfo;
and that (obviously) makes the wait-loop useless.
> > Only alternative I see that might work is synchronize_rcu (the
> > _do_table functions are called with rcu read lock held).
> >
> > I guess current scheme is cheaper though.
>
> Is performance a concern in this path? There is no comment justifying
> this 'creative' stuff.
We have to wait until all cpus are done with current iptables ruleset.
Before this 'creative' change, this relied on get_counters
synchronization. And that caused wait times of 30 seconds or more on
busy systems.
I have no objections swapping this with a synchronize_rcu() if that
makes it easier.
(synchronize_rcu might be confusing though, as we don't use rcu
for table->private), and one 'has to know' that all the netfilter
hooks, including the iptables eval loop, run with rcu_read_lock
held).
next prev parent reply other threads:[~2019-01-10 14:48 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-08 19:33 seqcount usage in xt_replace_table() Anatol Pomozov
2019-01-08 22:37 ` Florian Westphal
2019-01-10 12:41 ` Peter Zijlstra
2019-01-10 12:53 ` Dmitry Vyukov
2019-01-10 20:18 ` Peter Zijlstra
2019-01-10 14:48 ` Florian Westphal [this message]
2019-01-10 20:20 ` Peter Zijlstra
2019-01-10 20:25 ` Peter Zijlstra
2019-01-10 22:29 ` Florian Westphal
2019-01-11 8:34 ` Peter Zijlstra
2019-01-11 14:08 ` Paul E. McKenney
2019-01-10 14:52 ` Paul E. McKenney
2019-01-09 0:02 ` Andrea Parri
2019-01-09 0:36 ` Anatol Pomozov
2019-01-09 5:35 ` Dmitry Vyukov
2019-01-09 11:24 ` Andrea Parri
2019-01-09 11:55 ` Dmitry Vyukov
2019-01-09 12:11 ` Andrea Parri
2019-01-09 12:29 ` Dmitry Vyukov
2019-01-09 17:10 ` Paul E. McKenney
2019-01-10 8:49 ` Dmitry Vyukov
2019-01-10 12:30 ` Andrea Parri
2019-01-10 12:38 ` Dmitry Vyukov
2019-01-10 12:46 ` Andrea Parri
2019-01-10 13:25 ` Dmitry Vyukov
2019-01-10 14:50 ` Paul E. McKenney
2019-01-10 12:44 ` Peter Zijlstra
2019-01-10 12:54 ` Dmitry Vyukov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190110144812.mkbokbj2iyryj6lv@breakpoint.cc \
--to=fw@strlen.de \
--cc=anatol.pomozov@gmail.com \
--cc=dvyukov@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=paulmck@linux.ibm.com \
--cc=peterz@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).