Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S969926AbdIZSSy (ORCPT ); Tue, 26 Sep 2017 14:18:54 -0400 Received: from shards.monkeyblade.net ([184.105.139.130]:33856 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S965399AbdIZSSx (ORCPT ); Tue, 26 Sep 2017 14:18:53 -0400 Date: Tue, 26 Sep 2017 11:18:51 -0700 (PDT) Message-Id: <20170926.111851.1172660559080066162.davem@davemloft.net> To: yanhaishuang@cmss.chinamobile.com Cc: kuznet@ms2.inr.ac.ru, edumazet@google.com, weiwan@google.com, lucab@debian.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v4 2/3] ipv4: Namespaceify tcp_fastopen_key knob From: David Miller In-Reply-To: References: <1506088124-12650-2-git-send-email-yanhaishuang@cmss.chinamobile.com> <20170925.162445.234890912211240693.davem@davemloft.net> X-Mailer: Mew version 6.7 on Emacs 25.3 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Text/Plain; charset=utf-8 X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Tue, 26 Sep 2017 11:18:52 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by nfs id v8QIJKnd003912 Content-Length: 1869 Lines: 48 From: 严海双 Date: Tue, 26 Sep 2017 09:25:51 +0800 >> On 2017年9月26日, at 上午7:24, David Miller wrote: >> >> From: Haishuang Yan >> Date: Fri, 22 Sep 2017 21:48:43 +0800 >> >>> @@ -9,13 +9,18 @@ >>> #include >>> #include >>> >>> -struct tcp_fastopen_context __rcu *tcp_fastopen_ctx; >>> - >>> -static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock); >>> - >>> -void tcp_fastopen_init_key_once(bool publish) >>> +void tcp_fastopen_init_key_once(struct net *net) >> >> Why did you remove the 'publish' logic from this function? >> > > I think this logic is not necessary now, in proc_tcp_fastopen_key, I have removed > tcp_fastopen_init_key_once(false) where the ‘publish’ is false: > > - /* Generate a dummy secret but don't publish it. This > - * is needed so we don't regenerate a new key on the > - * first invocation of tcp_fastopen_cookie_gen > - */ > - tcp_fastopen_init_key_once(false); > - tcp_fastopen_reset_cipher(user_key, TCP_FASTOPEN_KEY_LENGTH); > + tcp_fastopen_reset_cipher(net, user_key, TCP_FASTOPEN_KEY_LENGTH); > > It said we don't regenerate a new key on first invocation of tcp_fastopen_cookie_gen, > but in tcp_fastopen_cookie_gen,it didn’t call tcp_fastopen_init_key_once since > from commit dfea2aa654243 (tcp: Do not call tcp_fastopen_reset_cipher from interrupt context): > > And in other places where call tcp_fastopen_init_key_once, the ‘publish’ is always true: Ok, this simplification seems legitimate. But it is unrelated to this namespacification. So it should be in a separate patch, and should be documented well in the commit message using the great explanation you gave to me above. Please respin this series, with this patch #2 split up into two changes. Thank you.