Received: by 2002:a05:7412:419a:b0:f3:1519:9f41 with SMTP id i26csp4832830rdh; Wed, 29 Nov 2023 11:58:31 -0800 (PST) X-Google-Smtp-Source: AGHT+IGcYX1WGWvj47Ox040b/yul7Dc7zOjMZhC6A5mmlapWJxkL0mriBwRteKmkO5XH73GYfcBH X-Received: by 2002:a05:6a20:a11d:b0:18c:f734:64e5 with SMTP id q29-20020a056a20a11d00b0018cf73464e5mr5713309pzk.44.1701287911064; Wed, 29 Nov 2023 11:58:31 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701287911; cv=none; d=google.com; s=arc-20160816; b=lwAuEPZBHLa86pcRJLKlgwwmo05agwUrDnkGwNQ2tCHjxBLkUDQ/2WuwAx/aRmAXMM QvplsM5hK+8BHuu3RDAKkA9sXj1LB/lPGq4KTpq5zGjhPKgKuM6riHWyQwnPewgAQio/ FY9kcsx3obf4JfvBNzo88Xa6y2KeSPdQtE8+mrlk2fVX/EFTYrUTM21AmwV8q+3HCbHM GNNKytn/MHLpaMJph0pLg1H9Rf8iGwM5FubiBU0oz93nCufy9aOew5msevR9E5Dn/K/W X8W7SBRAKwrHngqAfudU/1grJFNxLLrPBrjY/mJJAYPmaHFgjaG2IIgK6yX4vHOjh3Gt xTDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=T7FtbM3uCv3lCJgze8i3ailyZ7n1KeZA4b7KaXBphuU=; fh=Qn3RmwYI3aXYf717wpS9yyAY1XUEV59UzlCwvai9e84=; b=z4vAGP85Fv4fRRPIiParVALsnzIkdjrtLVri91WR6yWsX3XIKy3jaBUY9fBDchlq1N X0vvonUGmhw9X6skFFIspBBdhPRL8NHv+A9zVK6uyTGvFC2oU8hENR7tllVyMU05ppr5 vkfMEPLh+xGpnQqjmUwLZGqukZneY8NkfYssbacc669IG3Jha9pBWBwgRZw5CbPRUbSr jVygSihLXb6vlpP2by+X2Yfvl32M7dmTfb6/bK74hBxqEPHQ9ODfjMtmIEMbXrwx9z8P 9atTuotnF1GHGr9V4cdXLNrkDv4f5S+iPItNcz5aN8IUe/9cFMdHWZ6OEVzKKCGcepLr VXbw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@arista.com header.s=google header.b=D68pgc9B; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.36 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=arista.com Return-Path: Received: from pete.vger.email (pete.vger.email. [23.128.96.36]) by mx.google.com with ESMTPS id f11-20020a056a00238b00b006cb8cbc9bb8si14779792pfc.284.2023.11.29.11.58.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Nov 2023 11:58:31 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.36 as permitted sender) client-ip=23.128.96.36; Authentication-Results: mx.google.com; dkim=pass header.i=@arista.com header.s=google header.b=D68pgc9B; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.36 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=arista.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by pete.vger.email (Postfix) with ESMTP id 6BDE280C1C35; Wed, 29 Nov 2023 11:58:28 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at pete.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233111AbjK2T6B (ORCPT + 99 others); Wed, 29 Nov 2023 14:58:01 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43398 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229741AbjK2T6A (ORCPT ); Wed, 29 Nov 2023 14:58:00 -0500 Received: from mail-io1-xd2e.google.com (mail-io1-xd2e.google.com [IPv6:2607:f8b0:4864:20::d2e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C1BDF1A8 for ; Wed, 29 Nov 2023 11:58:04 -0800 (PST) Received: by mail-io1-xd2e.google.com with SMTP id ca18e2360f4ac-7b34ee2a243so3887339f.0 for ; Wed, 29 Nov 2023 11:58:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=arista.com; s=google; t=1701287884; x=1701892684; darn=vger.kernel.org; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=T7FtbM3uCv3lCJgze8i3ailyZ7n1KeZA4b7KaXBphuU=; b=D68pgc9B5OHrjD1qFxlZF5KKwZTpaFtOuDdem9vOAEmj3woSoMeR9kx7SxpaJvVF/r UPdhWf0zPl8gFwtp6eMkDL3nu8HqNhn+OJT4QujIvh+vhbfS2PUXJTPS8IDfYXleUtZV TiTEN8WhpRJK67In+WzADbn6+HWJrS7O5IiV457RvkAvucMxjtKSLqLZx42wMc5U4z9B SunoMmnH+FoA9I69ULeUb6E02yQgVaVJExKtprI4Zo/8A86ffnwiEIbbp6O0u5J1ACd8 cd8TY7djoThD15bz3B4mnTjzQL/84P7VX7I6pIDtNqgze05roCP3gHoHk+MBUH7qu8u4 HBRg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701287884; x=1701892684; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=T7FtbM3uCv3lCJgze8i3ailyZ7n1KeZA4b7KaXBphuU=; b=euRiDCgzjjvp7yZnGWACb54tAkDofUll1TKpzNeOn5miKOg00FD7UzjPq1PkZ7uYXO wd3gttSxwKID9JktCGJon5SBubMb5hW5Lw4xLKjrKYsAp+Pnf7l/msUqhWKZXCJoovlC fNMqh60zulOab0YCUVd2lyqC7inrGMl+m0q5c29oB4vnINEojnx2mUV8xHlPyLzL8S7m r5MNa5u+MBUaldFgFsk26XeITOtdozm25en0EiTQangYO59sXdr0QGjvIQRqaAxq+ED5 clLSsGNsFVokOEBCvqBAjMFrMIO8dj3E33Md4+pFTILLYtKT3g7cWL654RZFhEkHbLP5 ZaXg== X-Gm-Message-State: AOJu0YxLthNwdoInuyrT3ZujvPQEHkFsL8vAL9E7brf2ZKkXKH84kxgX /2P5Ak337DlvmKodUAmFkiLDqQ== X-Received: by 2002:a5d:81d3:0:b0:7b3:b726:b57f with SMTP id t19-20020a5d81d3000000b007b3b726b57fmr9983661iol.19.1701287884069; Wed, 29 Nov 2023 11:58:04 -0800 (PST) Received: from [10.83.37.178] ([217.173.96.166]) by smtp.gmail.com with ESMTPSA id v5-20020a02b905000000b0045458b7b4fcsm3601107jan.171.2023.11.29.11.58.00 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 29 Nov 2023 11:58:03 -0800 (PST) Message-ID: <137ab4f7-80af-4e00-a5bb-b1d4f4c75a67@arista.com> Date: Wed, 29 Nov 2023 19:57:53 +0000 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v4 6/7] net/tcp: Store SNEs + SEQs on ao_info Content-Language: en-US To: Eric Dumazet Cc: David Ahern , Paolo Abeni , Jakub Kicinski , "David S. Miller" , linux-kernel@vger.kernel.org, Dmitry Safonov <0x7f454c46@gmail.com>, Francesco Ruggeri , Salam Noureddine , Simon Horman , netdev@vger.kernel.org References: <20231129165721.337302-1-dima@arista.com> <20231129165721.337302-7-dima@arista.com> From: Dmitry Safonov In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on pete.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (pete.vger.email [0.0.0.0]); Wed, 29 Nov 2023 11:58:28 -0800 (PST) On 11/29/23 18:34, Eric Dumazet wrote: > On Wed, Nov 29, 2023 at 7:14 PM Dmitry Safonov wrote: >> >> On 11/29/23 18:09, Eric Dumazet wrote: >>> On Wed, Nov 29, 2023 at 5:57 PM Dmitry Safonov wrote: >>>> >>>> RFC 5925 (6.2): >>>>> TCP-AO emulates a 64-bit sequence number space by inferring when to >>>>> increment the high-order 32-bit portion (the SNE) based on >>>>> transitions in the low-order portion (the TCP sequence number). >>>> >>>> snd_sne and rcv_sne are the upper 4 bytes of extended SEQ number. >>>> Unfortunately, reading two 4-bytes pointers can't be performed >>>> atomically (without synchronization). >>>> >>>> In order to avoid locks on TCP fastpath, let's just double-account for >>>> SEQ changes: snd_una/rcv_nxt will be lower 4 bytes of snd_sne/rcv_sne. >>>> >>> >>> This will not work on 32bit kernels ? >> >> Yeah, unsure if there's someone who wants to run BGP on 32bit box, so at >> this moment it's already limited: >> >> config TCP_AO >> bool "TCP: Authentication Option (RFC5925)" >> select CRYPTO >> select TCP_SIGPOOL >> depends on 64BIT && IPV6 != m # seq-number extension needs WRITE_ONCE(u64) >> > > Oh well, this seems quite strange to have such a limitation. I guess so. On the other side, it seems that there aren't many non-hobbyist 32bit platforms: ia32 compatible layer will even be limited with a boot parameter/compile option. Maybe I'm not aware of, but it seems that arm64/ppc64/risc-v/x86_64 are the ones everyone interested in these days. > >> Probably, if there will be a person who is interested in this, it can >> get a spinlock for !CONFIG_64BIT. > > >> >>> Unless ao->snd_sne and ao->rcv_sneare only read/written under the >>> socket lock (and in this case no READ_ONCE()/WRITE_ONCE() should be >>> necessary) >> > > You have not commented on where these are read without the socket lock held ? Sorry for missing this, the SNEs are used with this helper tcp_ao_compute_sne(), so these places are (in square brackets AFAICS, there is a chance that I miss something obvious from your message): - tcp_v4_send_reset() => tcp_ao_prepare_reset() [rcu_read_lock()] - __tcp_transmit_skb() => tcp_ao_transmit_skb() [TX softirq] - tcp_v4_rcv() => tcp_inbound_ao_hash() [RX softirq] > tcp_ao_get_repair() can lock the socket. It can, sure. > In TW state, I guess these values can not be changed ? Currently, they are considered constant on TW. The incoming segments are not verified on twsk (so no need for SNEs). And from ACK side not expecting SEQ roll-over (tcp_ao_compute_sne() is not called) - this may change, but not quite critical it seems. If we go with this patch in question, I'll have to update this: : key.sne = READ_ONCE(ao_info->snd_sne); (didn't adjust it for higher-bytes shift) > I think you can remove all these READ_ONCE()/WRITE_ONCE() which are not needed, > or please add a comment if they really are. Not sure if I answered above.. > Then, you might be able to remove the 64BIT dependency ... At this moment I fail to imagine anyone running BGP + TCP-AO on 32bit kernel. I may be wrong, for sure. Thanks, Dmitry