Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp3738761imu; Tue, 18 Dec 2018 03:26:33 -0800 (PST) X-Google-Smtp-Source: AFSGD/XvJk7oxslH6Sgwm5E6Bva8ZtOPFxOVNK/aEAxL9O0bp6UoM1i5jBt9m2R8lHHbZAUhvP+N X-Received: by 2002:a17:902:714c:: with SMTP id u12mr15896913plm.234.1545132393294; Tue, 18 Dec 2018 03:26:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1545132393; cv=none; d=google.com; s=arc-20160816; b=Oc59q0Yb6xc1GxyAVe6fxxirnyMw66VLfZ0fFJu5msLt0Ai8Z8JZkV506PzMRUboak pmKzc6DumDfGMRcj4Pl0UX83zh2gHzCpc08saM8QWjqki43aE/qN6/elbLefLijmY/mw Ffwjcg4s2hfh4sX/2zUmpsAPM2f6wXft0Gyc+rm7p/nH8gS/ApL0fbgit2ePSBditM6y 6go8MLwWLHX+YnCWXUb/hfXcGsijw6EUBJad1JkU6gpf7KlSPTWe9GE/RJ1lafwYizCB GKu/qBy7XvsRwYKFTVB9VzaLuNI7utfL66G5C+hHbPdrbE6mXGDBrFQXXN8w07CzG5pm 9rTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date:openpgp :from:references:cc:to:subject; bh=nTwntXTwVoe+Ys++0IGvM/2Az8JpS6GTN2JWjLIc7YY=; b=Rd8HYi7OWP5rpk3bt3VmW9EgOEdpMkviLFo0ebwcItY6dqVXpyRf3N+e/Ddv3Xuy/P w6DtXY9I1zFcAYlpm992XR6OnwEby+VDom083Un98CvUMSmZCtHGjHWU0tORRSLhM7QK QlMTf6BxaubaNYGmFJ+o+Hct8I+awXFknPCH79aKkVjNtj2QpNJV9nyuVDcsr9qSoJbn dM1yEio3pfUo+kV+F1ycY+3OupE5nRnCkEwooWEPPCRNzXAn1b34ZJO6oVcSAKIFA6w1 B6QIfvnVhTcwQS0sLfSrx99eRPnnZN0qIb0ySSh+q/eFpJ5h3xV3VspHIGGuODR6EzQp i28Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v6si11585786pfv.181.2018.12.18.03.26.17; Tue, 18 Dec 2018 03:26:33 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726555AbeLRLY0 (ORCPT + 99 others); Tue, 18 Dec 2018 06:24:26 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:35140 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726390AbeLRLY0 (ORCPT ); Tue, 18 Dec 2018 06:24:26 -0500 Received: from pps.filterd (m0098417.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id wBIBONUo045023 for ; Tue, 18 Dec 2018 06:24:24 -0500 Received: from e06smtp02.uk.ibm.com (e06smtp02.uk.ibm.com [195.75.94.98]) by mx0a-001b2d01.pphosted.com with ESMTP id 2peyysr06v-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 18 Dec 2018 06:24:24 -0500 Received: from localhost by e06smtp02.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 18 Dec 2018 11:24:14 -0000 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp02.uk.ibm.com (192.168.101.132) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Tue, 18 Dec 2018 11:24:11 -0000 Received: from d06av22.portsmouth.uk.ibm.com (d06av22.portsmouth.uk.ibm.com [9.149.105.58]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id wBIBOAvb56098868 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 18 Dec 2018 11:24:10 GMT Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5E7F14C044; Tue, 18 Dec 2018 11:24:10 +0000 (GMT) Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id EB36C4C046; Tue, 18 Dec 2018 11:24:09 +0000 (GMT) Received: from oc5311105230.ibm.com (unknown [9.152.224.151]) by d06av22.portsmouth.uk.ibm.com (Postfix) with ESMTP; Tue, 18 Dec 2018 11:24:09 +0000 (GMT) Subject: Re: [PATCH v2] net/smc: fix TCP fallback socket release To: Myungho Jung Cc: "David S. Miller" , linux-s390@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org References: <20181217052122.GA26299@myunghoj-Precision-5530> <20181218070339.GA20290@myunghoj-Precision-5530> From: Ursula Braun Openpgp: preference=signencrypt Date: Tue, 18 Dec 2018 12:24:09 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <20181218070339.GA20290@myunghoj-Precision-5530> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-TM-AS-GCONF: 00 x-cbid: 18121811-0008-0000-0000-000002A2FDEF X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18121811-0009-0000-0000-0000220D90E4 Message-Id: <8cb0dcc2-4341-f56a-8465-303d238bc5f5@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-12-18_05:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1812180101 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 12/18/2018 08:03 AM, Myungho Jung wrote: > On Mon, Dec 17, 2018 at 03:58:58PM +0100, Ursula Braun wrote: >> > > Hi Ursula, > > Thank you for your suggestion. I have a question on your comment. > >> >> On 12/17/2018 06:21 AM, Myungho Jung wrote: >>> clcsock can be released while kernel_accept() references it in TCP >>> listen worker. Also, clcsock needs to wake up before released if TCP >>> fallback is used and the clcsock is blocked by accept. Add a lock to >>> safely release clcsock and call kernel_sock_shutdown() to wake up >>> clcsock from accept in smc_release(). >> >> Thanks for your effort to solve this problem. I have some minor >> improvement proposals: >> >>> >>> Reported-by: syzbot+0bf2e01269f1274b4b03@syzkaller.appspotmail.com >>> Reported-by: syzbot+e3132895630f957306bc@syzkaller.appspotmail.com >>> Signed-off-by: Myungho Jung >>> --- >>> net/smc/af_smc.c | 14 ++++++++++++-- >>> net/smc/smc.h | 2 ++ >>> 2 files changed, 14 insertions(+), 2 deletions(-) >>> >>> diff --git a/net/smc/af_smc.c b/net/smc/af_smc.c >>> index 5fbaf1901571..5d06fb1bbccf 100644 >>> --- a/net/smc/af_smc.c >>> +++ b/net/smc/af_smc.c >>> @@ -147,8 +147,14 @@ static int smc_release(struct socket *sock) >>> sk->sk_shutdown |= SHUTDOWN_MASK; >>> } >>> if (smc->clcsock) { >>> + if (smc->use_fallback && sk->sk_state == SMC_LISTEN) { >>> + /* wake up clcsock accept */ >>> + rc = kernel_sock_shutdown(smc->clcsock, SHUT_RDWR); >>> + } >> >> This part is not needed, since an SMC socket in state SMC_LISTEN is never >> a use_fallback socket. > > In smc_sendmsg(), set use_fallback to true if SMC socket is SMC_INIT > state and the message has MSG_FASTOPEN flag. After this, smc_listen() > would trigger smc_tcp_listen_work(). Is this not an expected scenario? > Then, what is the reason for not skipping smc_sendmsg() in SMC_INIT > state? > You are right, I have not had the FASTOPEN case in mind, sorry. If we want to allow fallback in case of FASTOPEN, we need the kernel_sock_shutdown() here for proper cleanup. Nice! >> >>> + mutex_lock(&smc->clcsock_release_lock); >>> sock_release(smc->clcsock); >>> smc->clcsock = NULL; >>> + mutex_unlock(&smc->clcsock_release_lock); >>> } >>> if (smc->use_fallback) { >>> if (sk->sk_state != SMC_LISTEN && sk->sk_state != SMC_INIT) >>> @@ -205,6 +211,7 @@ static struct sock *smc_sock_alloc(struct net *net, struct socket *sock, >>> spin_lock_init(&smc->conn.send_lock); >>> sk->sk_prot->hash(sk); >>> sk_refcnt_debug_inc(sk); >>> + mutex_init(&smc->clcsock_release_lock); >>> >>> return sk; >>> } >>> @@ -821,7 +828,7 @@ static int smc_clcsock_accept(struct smc_sock *lsmc, struct smc_sock **new_smc) >>> struct socket *new_clcsock = NULL; >>> struct sock *lsk = &lsmc->sk; >>> struct sock *new_sk; >>> - int rc; >>> + int rc = 0; >> >> Without clcsock the good path should not be executed. Thus I suggest >> to initialize with something negative like -EINVAL. >> >>> >>> release_sock(lsk); >>> new_sk = smc_sock_alloc(sock_net(lsk), NULL, lsk->sk_protocol); >>> @@ -834,7 +841,10 @@ static int smc_clcsock_accept(struct smc_sock *lsmc, struct smc_sock **new_smc) >>> } >>> *new_smc = smc_sk(new_sk); >>> >>> - rc = kernel_accept(lsmc->clcsock, &new_clcsock, 0); >>> + mutex_lock(&lsmc->clcsock_release_lock); >>> + if (lsmc->clcsock) >>> + rc = kernel_accept(lsmc->clcsock, &new_clcsock, 0); >>> + mutex_unlock(&lsmc->clcsock_release_lock); >>> lock_sock(lsk); >>> if (rc < 0) >>> lsk->sk_err = -rc; >>> diff --git a/net/smc/smc.h b/net/smc/smc.h >>> index 08786ace6010..9a2795cf5d30 100644 >>> --- a/net/smc/smc.h >>> +++ b/net/smc/smc.h >>> @@ -219,6 +219,8 @@ struct smc_sock { /* smc sock container */ >>> * started, waiting for unsent >>> * data to be sent >>> */ >>> + struct mutex clcsock_release_lock; >>> + /* protects clcsock */ >> >> I suggest to be more precise: "protects clcsock of a listen socket" >> >>> }; >>> >>> static inline struct smc_sock *smc_sk(const struct sock *sk) >>> >> >