Received: by 10.192.165.148 with SMTP id m20csp4557427imm;
        Tue, 24 Apr 2018 04:55:36 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4/E8ezqIt0wmv6ubHWqTLR3bi27KRW9UTKzJHHu2UAHevp5hRXrXyIyUWcPV0OusCmHIK85
X-Received: by 10.98.217.5 with SMTP id s5mr21460516pfg.20.1524570936597;
        Tue, 24 Apr 2018 04:55:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1524570936; cv=none;
        d=google.com; s=arc-20160816;
        b=vPMMimI50YwkNaDptFyB91WI4ePBNm4AdBUkB8YuDG+I+RYQntnVvjbMS90yj9flg+
         RUmKNMx8j7QiaZPLVNthAX1sTpcqDp8o1oJJZHQi4jlAUfY42ee5ZTs9gSC1uWS/Z/7R
         6plspCSTXzaJX/WgSQt9qprpUTpMb6Tiw2wLvHha99rebtil/N533pFa2+HBaxkE7bf3
         NhCBrLYsRgqi/PvVOvq0sg339PvtjL6HirsaHzvI2IdmbFMhj5E8YJJNkK64ZTWgQAQC
         ypy7uBTqwSwloYIRMrFu5FksSnAcwzmTq53ZVgdC7FIy4SNQsYxzCcrO/OYkZTWU1m/e
         1FYA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature
         :arc-authentication-results;
        bh=kGxuO54LNfgC69ScAXJj7wAZyhAKAlY381TkF3AMwFI=;
        b=b/EZpV/Uip/lvy6yF/1Ai+3DlLhvWJKYThLXnxKXL5pCDdXEhCtw7aDYk9BFtZdzQl
         IvX8bTUWKIu/FQQKVuV/wxZYW3pfbWIP8eqU4IhIvvIuQ62igcyOjCHH0zlFOZ94uefJ
         N1MIK0n65V3paeRDivCZslr9xITYGA2bkZ2G76qCa+tQBVNLx2A/bDkDtmsovaAIAgT2
         bNZ0ww7t98R+OlAP5vkBgWZvSPQl2DJzi9+fVUlYZFrZrZ/qL7IUacl+bk+0Os5LFq3T
         zbzyaiug0glygPPIj/K4BGlsRE/e0tnHp/3wTYpGCGDUE8yR3ZqSjJaYiB+bg+7m0BVQ
         gmYQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=VT+Uxa8K;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 68-v6si14048996pla.452.2018.04.24.04.55.21;
        Tue, 24 Apr 2018 04:55:36 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=VT+Uxa8K;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932497AbeDXLmK (ORCPT <rfc822;huangweiredhat@gmail.com>
        + 99 others); Tue, 24 Apr 2018 07:42:10 -0400
Received: from mail-pf0-f193.google.com ([209.85.192.193]:46302 "EHLO
        mail-pf0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750736AbeDXLmG (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 24 Apr 2018 07:42:06 -0400
Received: by mail-pf0-f193.google.com with SMTP id h69so12030068pfe.13;
        Tue, 24 Apr 2018 04:42:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=kGxuO54LNfgC69ScAXJj7wAZyhAKAlY381TkF3AMwFI=;
        b=VT+Uxa8KFK78vsvzpjR9D5NtX4YUAAO+MMZS0QlHR+3SAg07L5ux2QFlWELCRN3P9L
         mWtGdO7io0FLHoVnPC5lzM21G0Ph8vo+mRvvu/GwfXvtIZLqUCHkaExe5KXoY7wZjJ/+
         Lh3Ezwqa16aDKOLtIROyQrvFHe71bbWgOn6mwfWjdszGE8BeY0lYEMFpVjuIdBJyG5yZ
         NvGT6HaY9cF5WlJbb073pXoPdhQDKlP+7fBqIspP2UG+0W6iyH/XKSI1Z1WsFYR2NkvZ
         u3HYQReoWINPjS3QeVY+uYRh9eZ4ou0XxlV8FUaPyML/ModRs7VgTx36AdMTHi24yvuu
         9l1w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=kGxuO54LNfgC69ScAXJj7wAZyhAKAlY381TkF3AMwFI=;
        b=S5c5+gokbgsi3nuXjwOIC0PWXX1jYpreSXGRDQboBQhEhtVhQxPTDhP9j534lsrrjh
         ZCa/Z7h+nCgLV0rsMA5lJF3BuJqVW9EV12s63CAuv3YZr/YLASZ4lV64gYMRMGwnB1nX
         yIp40+6PyJEFdCV0qbbu4QYpPxz9RN+qmwrYL/8614g1IRbsXVjR2QITxMKBUscSqK9+
         HMOsnwd247BfnjgA+gUpN4AfMvp2f3KZaT7c6JX36J95F7XGZwPAw307IcCGmLe/64Js
         VYyr3g8c/Esd0W434INhsKrn/wZC+zecYYjy2jB5xT558zdPvD28SqLPEHw7BrmEj4WL
         6cAQ==
X-Gm-Message-State: ALQs6tA3xazqEsyA+N8loJ98oo3b3oNafjqpVMriY/2uJ87RJBy8R0Ah
        C5pEYOcbf57jTwxXb3EYUYPgu/3m
X-Received: by 2002:a17:902:5a88:: with SMTP id r8-v6mr24875229pli.78.1524570125551;
        Tue, 24 Apr 2018 04:42:05 -0700 (PDT)
Received: from [192.168.86.235] (c-67-180-167-114.hsd1.ca.comcast.net. [67.180.167.114])
        by smtp.gmail.com with ESMTPSA id c201sm27136055pfb.30.2018.04.24.04.42.04
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 24 Apr 2018 04:42:04 -0700 (PDT)
Subject: Re: [PATCH net-next] net: init sk_cookie for inet socket
To:     Yafang Shao <laoar.shao@gmail.com>,
        Eric Dumazet <eric.dumazet@gmail.com>
Cc:     David Miller <davem@davemloft.net>,
        Alexei Starovoitov <alexei.starovoitov@gmail.com>,
        netdev@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>
References: <1524405004-10960-1-git-send-email-laoar.shao@gmail.com>
 <20180423.115821.640630949143585629.davem@davemloft.net>
 <788ce3f1-6534-5c2e-1870-5ebd8ea4ae7f@gmail.com>
 <CALOAHbDpgOckQhW7_Ysi-F2HCoZW4RKSdUuvTquELJZsaMj6Lg@mail.gmail.com>
From:   Eric Dumazet <eric.dumazet@gmail.com>
Message-ID: <67a158d9-cd33-8c28-39c3-9cead4107205@gmail.com>
Date:   Tue, 24 Apr 2018 04:41:37 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <CALOAHbDpgOckQhW7_Ysi-F2HCoZW4RKSdUuvTquELJZsaMj6Lg@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 04/23/2018 09:39 PM, Yafang Shao wrote:
> On Tue, Apr 24, 2018 at 12:09 AM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
>>
>>
>> On 04/23/2018 08:58 AM, David Miller wrote:
>>> From: Yafang Shao <laoar.shao@gmail.com>
>>> Date: Sun, 22 Apr 2018 21:50:04 +0800
>>>
>>>> With sk_cookie we can identify a socket, that is very helpful for
>>>> traceing and statistic, i.e. tcp tracepiont and ebpf.
>>>> So we'd better init it by default for inet socket.
>>>> When using it, we just need call atomic64_read(&sk->sk_cookie).
>>>>
>>>> Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
>>>
>>> Applied, thank you.
>>>
>>
>> This is adding yet another atomic_inc on a global cache line.
>>
> 
> That's a trade-off.
> 
>> Most applications do not need the cookie being ever set.
>>
>> The existing mechanism was fine. Set it on demand.
> 
> There are some drawback in the existing mechanism.
> - we have to set the net->cookie_gen and then sk->sk_cookie when we
> want to get the sk_cookie, that's a little expensive as well.

Same cost.

>   After that change, sock_gen_cookie() could be replaced by
> atomic64_read(&sk->sk_cookie) in most places.

Same cost than the helper.

> 
> - If the application want to get the sk_cookie, it must set it first.
>    What if the application don't have the permision to write?
>    Furthermore, maybe it is a security concern ?


Maybe ? Please elaborate.

Your patch destroys SYNFLOOD behavior.

I have spent months of work solving the SYNFLOOD behavior, your patch crushes it.

I am not that happy.

Please revert this patch.

Thank you.