Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp157886imd;
        Fri, 26 Oct 2018 06:40:33 -0700 (PDT)
X-Google-Smtp-Source: AJdET5dWMG6teSTn0wfNlC2yUm04a9OtvsVVS8+nehOCXQcvD4fT/k0stBnm4iTEihZ7tks2f4pc
X-Received: by 2002:a63:9712:: with SMTP id n18-v6mr3621459pge.182.1540561233574;
        Fri, 26 Oct 2018 06:40:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1540561233; cv=none;
        d=google.com; s=arc-20160816;
        b=hNkmAGUTnHs1DNlfCtm6ZDRx/gW+d6xQeQSPHeILgwLwj+SWMHParCXDZwAHiIH7jx
         /qY0SYy5Xz9hvrslEvlllkXhf7Z64Vi8Dc4m2yfCFjh2pxLojs8prcfrbLY30BBz32MK
         bMBwskEKAfnKTl3I9RbhM+C3dDUfUXNhSbFwd3/yp2jX5PvsfWcMhuG2L/3uhCoCFj+v
         5IuyENTHwwddMWB25OaP4gD4F2g4GvcnNfQmtyKzIX94hOCkz5IbOfssQidW0Zolwvfq
         g5E9uzgqyLP8MqW/rnV1mzHJ63ml7fhwuDSsN3DM4o2fXJ1ekjWsqHIqeRsnz6n53pn4
         RaCA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject;
        bh=/reeR0cbZLBNb7zY/cAFNqoMU0D8TEw4Zy/E0Xryhg8=;
        b=WnImP3JpBI77ISpzC7OunGw2GD1fykkN/1nEM7t7gZLL7QchLyz9yag5zQfhwKVg8Q
         53soc0KjaRfXrt8az+ClVqQQVkYC/GQClXJFWow1bdaNxTr8lzvLFXw/oWioSpVMPvjl
         C+5gtWku81JoIzxzZ/9AdG+6//7582vYKXyiFCkEJz+48dK3bAPG4u65rLbT/MNcZde5
         +1XlV0uaoxKm/oA+w7MQz3smAz5xcjN3Zyfw3LwK7dE8DDQDMDsI6eP7uthHfbkdIZsl
         zThIJNlQImWznglWhBQbYQrEPaTWKhN61i8e5tVdeb1+LT22Fg/X8ULH0hynOYsk7huQ
         akuQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id g14-v6si12269474plm.142.2018.10.26.06.40.17;
        Fri, 26 Oct 2018 06:40:33 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726442AbeJZWQ7 (ORCPT <rfc822;chenhe.dev@gmail.com>
        + 99 others); Fri, 26 Oct 2018 18:16:59 -0400
Received: from proxima.lasnet.de ([78.47.171.185]:39919 "EHLO
        proxima.lasnet.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726113AbeJZWQ7 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 26 Oct 2018 18:16:59 -0400
Received: from localhost.localdomain (p200300E9D70FDC4FA9666416553D800C.dip0.t-ipconnect.de [IPv6:2003:e9:d70f:dc4f:a966:6416:553d:800c])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        (Authenticated sender: stefan@datenfreihafen.org)
        by proxima.lasnet.de (Postfix) with ESMTPSA id E8498C8992;
        Fri, 26 Oct 2018 15:39:47 +0200 (CEST)
Subject: Re: [PATCH 4.9 50/71] inet: frags: use rhashtables for reassembly
 units
To:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        linux-kernel@vger.kernel.org, netdev@vger.kernel.org
Cc:     stable@vger.kernel.org, Eric Dumazet <edumazet@google.com>,
        Kirill Tkhai <ktkhai@virtuozzo.com>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        Florian Westphal <fw@strlen.de>,
        Jesper Dangaard Brouer <brouer@redhat.com>,
        Alexander Aring <alex.aring@gmail.com>,
        Stefan Schmidt <stefan@osg.samsung.com>,
        "David S. Miller" <davem@davemloft.net>
References: <20181016170539.315587743@linuxfoundation.org>
 <20181016170541.874459615@linuxfoundation.org>
From:   Stefan Schmidt <stefan@datenfreihafen.org>
Message-ID: <62bd748b-20a8-d021-7b3b-32146df8beb8@datenfreihafen.org>
Date:   Fri, 26 Oct 2018 15:39:47 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.0
MIME-Version: 1.0
In-Reply-To: <20181016170541.874459615@linuxfoundation.org>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hello Greg.

[Hope I am not to late for this]

On 16/10/2018 19:09, Greg Kroah-Hartman wrote:
> 4.9-stable review patch.  If anyone has any objections, please let me know.
> 
> ------------------
> 
> From: Eric Dumazet <edumazet@google.com>
> 
> Some applications still rely on IP fragmentation, and to be fair linux
> reassembly unit is not working under any serious load.
> 
> It uses static hash tables of 1024 buckets, and up to 128 items per bucket (!!!)
> 
> A work queue is supposed to garbage collect items when host is under memory
> pressure, and doing a hash rebuild, changing seed used in hash computations.
> 
> This work queue blocks softirqs for up to 25 ms when doing a hash rebuild,
> occurring every 5 seconds if host is under fire.
> 
> Then there is the problem of sharing this hash table for all netns.
> 
> It is time to switch to rhashtables, and allocate one of them per netns
> to speedup netns dismantle, since this is a critical metric these days.
> 
> Lookup is now using RCU. A followup patch will even remove
> the refcount hold/release left from prior implementation and save
> a couple of atomic operations.
> 
> Before this patch, 16 cpus (16 RX queue NIC) could not handle more
> than 1 Mpps frags DDOS.
> 
> After the patch, I reach 9 Mpps without any tuning, and can use up to 2GB
> of storage for the fragments (exact number depends on frags being evicted
> after timeout)
> 
> $ grep FRAG /proc/net/sockstat
> FRAG: inuse 1966916 memory 2140004608
> 
> A followup patch will change the limits for 64bit arches.
> 
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Cc: Kirill Tkhai <ktkhai@virtuozzo.com>
> Cc: Herbert Xu <herbert@gondor.apana.org.au>
> Cc: Florian Westphal <fw@strlen.de>
> Cc: Jesper Dangaard Brouer <brouer@redhat.com>
> Cc: Alexander Aring <alex.aring@gmail.com>
> Cc: Stefan Schmidt <stefan@osg.samsung.com>
> Signed-off-by: David S. Miller <davem@davemloft.net>
> (cherry picked from commit 648700f76b03b7e8149d13cc2bdb3355035258a9)
> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> ---
>  Documentation/networking/ip-sysctl.txt  |    7 
>  include/net/inet_frag.h                 |   81 +++----
>  include/net/ipv6.h                      |   16 -
>  net/ieee802154/6lowpan/6lowpan_i.h      |   26 --
>  net/ieee802154/6lowpan/reassembly.c     |   91 +++-----
>  net/ipv4/inet_fragment.c                |  349 ++++++--------------------------
>  net/ipv4/ip_fragment.c                  |  112 ++++------
>  net/ipv6/netfilter/nf_conntrack_reasm.c |   51 +---
>  net/ipv6/reassembly.c                   |  110 ++++------
>  9 files changed, 267 insertions(+), 576 deletions(-)
> 

When this patch hit master a while back we had to address a regression
in the ieee802514 6lowpan layer. It seems this fix is missing in the
backport series (only looking at your patchset here, no the full tree).

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f18fa5de5ba7f1d6650951502bb96a6e4715a948

I would appreciate if you could pull this into this series as well.

regards
Stefan Schmidt