From nobody Fri Apr 10 23:28:54 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DA093C00140 for ; Thu, 18 Aug 2022 17:03:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344366AbiHRRDr (ORCPT ); Thu, 18 Aug 2022 13:03:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34892 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345242AbiHRRA5 (ORCPT ); Thu, 18 Aug 2022 13:00:57 -0400 Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 78EBCCAC7D for ; Thu, 18 Aug 2022 10:00:50 -0700 (PDT) Received: by mail-wr1-x434.google.com with SMTP id u14so2412968wrq.9 for ; Thu, 18 Aug 2022 10:00:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=arista.com; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc; bh=F0lkibhqVPCxvm3Ppub1hqnowC+kOn1prFBSdpysGnA=; b=OrGuEHr2A8fKjpufJq6HnT8hr0ZAUvIjJ6CLyZhObIJiALHKPBXE9v63L0D4vbjpYs N19JEohxVQ/z1fkpCUt0gjpYskJuig0glIXMEI93daJ97YKRS6C4zZyFy0uLw/kLkxTV CmuCiw+SLLiXW4ieAyQ159nfR+LgPVM2uRTJkAoQKCwLw4L0jmVTAdV0Mknlkj2CQpQo fCs46WTa3RNnl1YgOiJ+svgbCDdze5Q1GIe2Kzw/EDFs+HRBV+8WljTagZ0YSKC7m3y3 kjbsf4DWo2mJkqMAK/QBwNtuvP7x0b5KTlOgPXxhDflkpbZ+9nZS3216GYbw/2Pv/0p3 D14Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc; bh=F0lkibhqVPCxvm3Ppub1hqnowC+kOn1prFBSdpysGnA=; b=HxnqL/GrGsfaeSgQwAAWivjVJrXXOoQGKvSMqr8+X5I+v2CHPIu92zjv0XMKzYNeIf KbrK3aQO9p95pRP/NcGjSWteItRd81ytfdNrv6gtZJtTMranaK1vnjMAJbC2yn4ircUp gG2/SMzmOkFwYtiL8XiAnCtnS/4+9F1BfvLKvv/CGRlsEQ7oEWbZlgbyYq8ErzEN3U+0 3xngVyqhQSZ0FhUmjn89/hmQEbcQaR+sUPfFQXUwIIpWTCEhLuKk/p6Dz50n2NrWFX6B y46ohFEriZeZIwVrWghui9d/hTB1n0/Z6+fbcyLbSJ8rkUizVNdTRRTE6mNJ/DN3PeMn GkIA== X-Gm-Message-State: ACgBeo19M5eHVUzXYZi3QZWVNSw1x9HItls/tvVswee+BSEMXw8gPyHa dvT7kNotBWq4Zwo1b1RzuAcMcw== X-Google-Smtp-Source: AA6agR7aVywVC+hUyPavX61ThpyiJr5HTVXdX9EC4bZKCl94tWP2/qyrT4+wqKRzmQysAKCtbIF1Bg== X-Received: by 2002:a5d:5c12:0:b0:225:2993:2b63 with SMTP id cc18-20020a5d5c12000000b0022529932b63mr2232886wrb.294.1660842049011; Thu, 18 Aug 2022 10:00:49 -0700 (PDT) Received: from Mindolluin.ire.aristanetworks.com ([217.173.96.166]) by smtp.gmail.com with ESMTPSA id be13-20020a05600c1e8d00b003a511e92abcsm2662169wmb.34.2022.08.18.10.00.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 18 Aug 2022 10:00:48 -0700 (PDT) From: Dmitry Safonov To: Eric Dumazet , "David S. Miller" , linux-kernel@vger.kernel.org Cc: Dmitry Safonov , Andy Lutomirski , Ard Biesheuvel , Bob Gilligan , David Ahern , Dmitry Safonov <0x7f454c46@gmail.com>, Eric Biggers , Francesco Ruggeri , Herbert Xu , Hideaki YOSHIFUJI , Ivan Delalande , Jakub Kicinski , Leonard Crestez , Paolo Abeni , Salam Noureddine , Shuah Khan , netdev@vger.kernel.org, linux-crypto@vger.kernel.org Subject: [PATCH 24/31] net/tcp: Allow asynchronous delete for TCP-AO keys (MKTs) Date: Thu, 18 Aug 2022 17:59:58 +0100 Message-Id: <20220818170005.747015-25-dima@arista.com> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20220818170005.747015-1-dima@arista.com> References: <20220818170005.747015-1-dima@arista.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Delete becomes very, very fast - almost free, but after setsockopt() syscall returns, the key is still alive until next RCU grace period. Which is fine for listen sockets as userspace needs to be aware of setsockopt(TCP_AO) and accept() race and resolve it with verification by getsockopt() after TCP connection was accepted. The benchmark results (on non-loaded box, worse with more RCU work pending): > ok 33 Worst case delete 16384 keys: min=3D5ms max=3D10ms mean=3D6.9= 3904ms stddev=3D0.263421 > ok 34 Add a new key 16384 keys: min=3D1ms max=3D4ms mean=3D2.17= 751ms stddev=3D0.147564 > ok 35 Remove random-search 16384 keys: min=3D5ms max=3D10ms mean=3D6.5= 0243ms stddev=3D0.254999 > ok 36 Remove async 16384 keys: min=3D0ms max=3D0ms mean=3D0.02= 96107ms stddev=3D0.0172078 Co-developed-by: Francesco Ruggeri Signed-off-by: Francesco Ruggeri Co-developed-by: Salam Noureddine Signed-off-by: Salam Noureddine Signed-off-by: Dmitry Safonov --- include/uapi/linux/tcp.h | 3 +++ net/ipv4/tcp_ao.c | 17 ++++++++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/include/uapi/linux/tcp.h b/include/uapi/linux/tcp.h index 453187d21da8..42850ae6e99d 100644 --- a/include/uapi/linux/tcp.h +++ b/include/uapi/linux/tcp.h @@ -353,6 +353,9 @@ struct tcp_diag_md5sig { #define TCP_AO_CMDF_CURR (1 << 0) /* Only checks field sndid */ #define TCP_AO_CMDF_NEXT (1 << 1) /* Only checks field rcvid */ #define TCP_AO_CMDF_ACCEPT_ICMP (1 << 2) /* Accept incoming ICMPs */ +#define TCP_AO_CMDF_DEL_ASYNC (1 << 3) /* Asynchronious delete, valid + * only for listen sockets + */ =20 #define TCP_AO_GET_CURR TCP_AO_CMDF_CURR #define TCP_AO_GET_NEXT TCP_AO_CMDF_NEXT diff --git a/net/ipv4/tcp_ao.c b/net/ipv4/tcp_ao.c index 5ab16b857c29..8e75432c0cc8 100644 --- a/net/ipv4/tcp_ao.c +++ b/net/ipv4/tcp_ao.c @@ -1422,7 +1422,7 @@ static bool tcp_ao_mkt_overlap_v6(struct tcp_ao *cmd, #define TCP_AO_CMDF_ADDMOD_VALID \ (TCP_AO_CMDF_CURR | TCP_AO_CMDF_NEXT | TCP_AO_CMDF_ACCEPT_ICMP) #define TCP_AO_CMDF_DEL_VALID \ - (TCP_AO_CMDF_CURR | TCP_AO_CMDF_NEXT) + (TCP_AO_CMDF_CURR | TCP_AO_CMDF_NEXT | TCP_AO_CMDF_DEL_ASYNC) #define TCP_AO_GETF_VALID \ (TCP_AO_GET_ALL | TCP_AO_GET_CURR | TCP_AO_GET_NEXT) =20 @@ -1547,11 +1547,26 @@ static int tcp_ao_delete_key(struct sock *sk, struc= t tcp_ao_key *key, =20 hlist_del_rcu(&key->node); =20 + /* Support for async delete on listening sockets: as they don't + * need current_key/rnext_key maintaining, we don't need to check + * them and we can just free all resources in RCU fashion. + */ + if (cmd->tcpa_flags & TCP_AO_CMDF_DEL_ASYNC) { + if (sk->sk_state !=3D TCP_LISTEN) + return -EINVAL; + atomic_sub(tcp_ao_sizeof_key(key), &sk->sk_omem_alloc); + call_rcu(&key->rcu, tcp_ao_key_free_rcu); + return 0; + } + /* At this moment another CPU could have looked this key up * while it was unlinked from the list. Wait for RCU grace period, * after which the key is off-list and can't be looked up again; * the rx path [just before RCU came] might have used it and set it * as current_key (very unlikely). + * Free the key with next RCU grace period (in case it was + * current_key before tcp_ao_current_rnext() might have + * changed it in forced-delete). */ synchronize_rcu(); err =3D tcp_ao_current_rnext(sk, cmd->tcpa_flags, --=20 2.37.2