Received: by 10.192.165.148 with SMTP id m20csp4558230imm;
        Tue, 24 Apr 2018 04:56:29 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4/9jezRWtUM0NAa9LM2/lmX8K09gDJL53ba9GrWG12DbQAe7Ry7Momhglr5KFt7bhZnEJTR
X-Received: by 10.98.8.12 with SMTP id c12mr23783943pfd.77.1524570989158;
        Tue, 24 Apr 2018 04:56:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1524570989; cv=none;
        d=google.com; s=arc-20160816;
        b=EjPRgz/xGT21v9Ycyn6IewBUBH/2ppKvHp0sMM6Ap9BfqaiB3uO6DHxXPz7743b+5e
         83eP8FxoebrTv8j8YBR2/YZ4t7TDngt2OQUeX4SAqwqB4OTGlDkoD89Ans3VemT6lgjQ
         kZ9AFTQuwK3r5umIl7AJ4VEi2mm/R/t6WHRYeZFwrzUVZ7j9/drqCM1iRRLba+jOXi3I
         hnyhNPFDoFRKTxyzITnzfwkhdfgJG6nNw+BZALAquLxVxVhtHMy7uTEO69kFL6sg1qq5
         J1Sq1Hyc+586VAklZQvIyfjSmxnE0lK1Ym4ejDq2mjYS9Ck19C6Qbuej7LT4p8vUBqUH
         ZW1g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=NhNp3fYc1jwr+cgy8ELI0ih0xoYJFIuk3EowfBq1XaE=;
        b=Vq5Ql9cTRjcrkjSFwema/wGfYYbaQjcR6iwyYtEJPNUjdNNO7nrcubCAoKOwmWfJNe
         3/i/Saz5JfAAQcUbhJ+T2OgyVH4L1Rm1BHcEkpXjVouaw+6P+Ecg7TUDeS5qJYp41qkB
         a+6zHYZ9Fl0c4wxMe3itiMS6AAfuAJsXiLUaecTKNND0SatEiIuDuRzK3ygusmwIqjpO
         bKPT11E2JQ86990K0bGDd+e17FT/OU5FgDYzX18tV1X8lPPktHptljMuxMQoQvQzsk4t
         5nL5bthm3CaYwkebKL0WI04wbmuAWWFBiQpNQUcWYEzzrnR++YdnqyuiCR5qzk3NSSVj
         T20w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=D2wBD1aI;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y23si1729197pff.177.2018.04.24.04.56.14;
        Tue, 24 Apr 2018 04:56:29 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=D2wBD1aI;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932897AbeDXLsO (ORCPT <rfc822;huangweiredhat@gmail.com>
        + 99 others); Tue, 24 Apr 2018 07:48:14 -0400
Received: from mail-it0-f65.google.com ([209.85.214.65]:54721 "EHLO
        mail-it0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752789AbeDXLsM (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 24 Apr 2018 07:48:12 -0400
Received: by mail-it0-f65.google.com with SMTP id h143-v6so15065011ita.4;
        Tue, 24 Apr 2018 04:48:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=NhNp3fYc1jwr+cgy8ELI0ih0xoYJFIuk3EowfBq1XaE=;
        b=D2wBD1aIdLoREZcp5j2A+Kb01N/bfhWP019tH7T/xMo8XBSq2VkU27ouO8j28+CdYX
         dpV/ikk/2247mdzIQcTOL2rcwCK66sC8IkbVHbYJUwOzhfm37DdiQHIALtzGnk0nwrG9
         7N9YGWg6fO/AIOVcpTM6IT0sT17LgHDhdL1n1R8S2ib79NtujUIaHpv8cDBwyCtnn3qz
         EWRlofwn85o+cm2CW3m+SoAUI6B8YKtPxX6kaQnjJA/bzbRjtx87mRj0onLIFtGF3I4E
         Xozkq6xUqf83zj2T/XWGjZZroEjMzgnOQju31SmFSOtJfgidKox95biaJubNu4VFheqD
         HZ8A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=NhNp3fYc1jwr+cgy8ELI0ih0xoYJFIuk3EowfBq1XaE=;
        b=ZeWPrsUCDXcss/uS/V8ly9FLNmunHDT4RVztpkyRjRz9Fjyyrgshh2EMC6qq4I1Azk
         PogVI7vU6Nq76ykRi+uHYO4cRp3kO043omKPEt23rZ1cVpRNTehqkInYwPcKbKkikaFN
         uWi1y1rzo2YWHLwHmb28rekDypknDT0D1RzuyFE1sirf6CvFRMrT5hQGrUU2D4AxPAff
         RUyQ0i+v9/ofit1ZuawrX0d3oidtJH6m8ryKYrh19hmKryfRD7eEKvNW9msFVi9kAvVR
         ynvcBnealgyx2E+Bojt6YwLQBN2186zMTAqptklpzefjXoE00BBh2xni/UogSipa+VAY
         lbMw==
X-Gm-Message-State: ALQs6tCG52kNsezb53/mpu7tCbB/QAdqJyWPfo3q+iuCCrXbMQigNVcp
        j/ah5rQ+UQ30PsOK1BqR4IzzpmJGyG9FONpQG/E=
X-Received: by 2002:a24:9149:: with SMTP id i70-v6mr586564ite.142.1524570492282;
 Tue, 24 Apr 2018 04:48:12 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.181.10 with HTTP; Tue, 24 Apr 2018 04:47:31 -0700 (PDT)
In-Reply-To: <67a158d9-cd33-8c28-39c3-9cead4107205@gmail.com>
References: <1524405004-10960-1-git-send-email-laoar.shao@gmail.com>
 <20180423.115821.640630949143585629.davem@davemloft.net> <788ce3f1-6534-5c2e-1870-5ebd8ea4ae7f@gmail.com>
 <CALOAHbDpgOckQhW7_Ysi-F2HCoZW4RKSdUuvTquELJZsaMj6Lg@mail.gmail.com> <67a158d9-cd33-8c28-39c3-9cead4107205@gmail.com>
From:   Yafang Shao <laoar.shao@gmail.com>
Date:   Tue, 24 Apr 2018 19:47:31 +0800
Message-ID: <CALOAHbDajHPN9Z3TTWFBwpd1H16RVRRYYiUMrUELE3JxeZo+qw@mail.gmail.com>
Subject: Re: [PATCH net-next] net: init sk_cookie for inet socket
To:     Eric Dumazet <eric.dumazet@gmail.com>
Cc:     David Miller <davem@davemloft.net>,
        Alexei Starovoitov <alexei.starovoitov@gmail.com>,
        netdev@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Apr 24, 2018 at 7:41 PM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
>
>
> On 04/23/2018 09:39 PM, Yafang Shao wrote:
>> On Tue, Apr 24, 2018 at 12:09 AM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
>>>
>>>
>>> On 04/23/2018 08:58 AM, David Miller wrote:
>>>> From: Yafang Shao <laoar.shao@gmail.com>
>>>> Date: Sun, 22 Apr 2018 21:50:04 +0800
>>>>
>>>>> With sk_cookie we can identify a socket, that is very helpful for
>>>>> traceing and statistic, i.e. tcp tracepiont and ebpf.
>>>>> So we'd better init it by default for inet socket.
>>>>> When using it, we just need call atomic64_read(&sk->sk_cookie).
>>>>>
>>>>> Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
>>>>
>>>> Applied, thank you.
>>>>
>>>
>>> This is adding yet another atomic_inc on a global cache line.
>>>
>>
>> That's a trade-off.
>>
>>> Most applications do not need the cookie being ever set.
>>>
>>> The existing mechanism was fine. Set it on demand.
>>
>> There are some drawback in the existing mechanism.
>> - we have to set the net->cookie_gen and then sk->sk_cookie when we
>> want to get the sk_cookie, that's a little expensive as well.
>
> Same cost.
>
>>   After that change, sock_gen_cookie() could be replaced by
>> atomic64_read(&sk->sk_cookie) in most places.
>
> Same cost than the helper.
>
>>
>> - If the application want to get the sk_cookie, it must set it first.
>>    What if the application don't have the permision to write?
>>    Furthermore, maybe it is a security concern ?
>
>
> Maybe ? Please elaborate.
>
> Your patch destroys SYNFLOOD behavior.
>
> I have spent months of work solving the SYNFLOOD behavior, your patch crushes it.
>

Could you pls. explain the issue to me ?

> I am not that happy.
>
> Please revert this patch.
>

OK. I will revert it.

> Thank you.