Hello Christoph,
On Wed, 2015-06-17 at 17:28 -0700, Christoph Paasch wrote:
This reverts commit 222e83d2e0aecb6a5e8d42b1a8d51332a1eba960.
tcp_fastopen_reset_cipher really cannot be called from interrupt
context. It allocates the tcp_fastopen_context with GFP_KERNEL and
calls crypto_alloc_cipher, which allocates all kind of stuff with
GFP_KERNEL.
Thus, we might sleep when the key-generation is triggered by an
incoming TFO cookie-request which would then happen in interrupt-
context, as shown by enabling CONFIG_DEBUG_ATOMIC_SLEEP:
[ 36.001813] BUG: sleeping function called from invalid context at
mm/slub.c:1266
[ 36.003624] in_atomic(): 1, irqs_disabled(): 0, pid: 1016, name:
packetdrill
[ 36.004859] CPU: 1 PID: 1016 Comm: packetdrill Not tainted 4.1.0-rc7 #14
[ 36.006085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel
-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014
[ 36.008250] 04f2 88007f8838a8 8171d53a
880075a084a8
[ 36.009630] 880075a08000 88007f8838c8 810967d3
88007f883928
[ 36.011076] 88007f8838f8 81096892
88007f89be00
[ 36.012494] Call Trace:
[ 36.012953] IRQ [8171d53a] dump_stack+0x4f/0x6d
[ 36.014085] [810967d3] ___might_sleep+0x103/0x170
[ 36.015117] [81096892] __might_sleep+0x52/0x90
[ 36.016117] [8118e887] kmem_cache_alloc_trace+0x47/0x190
[ 36.017266] [81680d82] ? tcp_fastopen_reset_cipher+0x42/0x130
[ 36.018485] [81680d82] tcp_fastopen_reset_cipher+0x42/0x130
[ 36.019679] [81680f01] tcp_fastopen_init_key_once+0x61/0x70
[ 36.020884] [81680f2c] __tcp_fastopen_cookie_gen+0x1c/0x60
[ 36.022058] [816814ff] tcp_try_fastopen+0x58f/0x730
[ 36.023118] [81671788] tcp_conn_request+0x3e8/0x7b0
[ 36.024185] [810e3872] ? __module_text_address+0x12/0x60
[ 36.025327] [8167b2e1] tcp_v4_conn_request+0x51/0x60
[ 36.026410] [816727e0] tcp_rcv_state_process+0x190/0xda0
[ 36.027556] [81661f97] ? __inet_lookup_established+0x47/0x170
[ 36.028784] [8167c2ad] tcp_v4_do_rcv+0x16d/0x3d0
[ 36.029832] [812e6806] ? security_sock_rcv_skb+0x16/0x20
[ 36.030936] [8167cc8a] tcp_v4_rcv+0x77a/0x7b0
[ 36.031875] [816af8c3] ? iptable_filter_hook+0x33/0x70
[ 36.032953] [81657d22] ip_local_deliver_finish+0x92/0x1f0
[ 36.034065] [81657f1a] ip_local_deliver+0x9a/0xb0
[ 36.035069] [81657c90] ? ip_rcv+0x3d0/0x3d0
[ 36.035963] [81657569] ip_rcv_finish+0x119/0x330
[ 36.036950] [81657ba7] ip_rcv+0x2e7/0x3d0
[ 36.037847] [81610652] __netif_receive_skb_core+0x552/0x930
[ 36.038994] [81610a57] __netif_receive_skb+0x27/0x70
[ 36.040033] [81610b72] process_backlog+0xd2/0x1f0
[ 36.041025] [81611482] net_rx_action+0x122/0x310
[ 36.042007] [81076743] __do_softirq+0x103/0x2f0
[ 36.042978] [81723e3c] do_softirq_own_stack+0x1c/0x30
There does not seem to be a better way to handle this. We could try
to make the call to kmalloc and crypto_alloc_cipher during bootup, and
then generate the random value only on-the-fly (when the first TFO-SYN
comes in) with net_get_random_once in order to have the better entropy
that comes with doing the late initialisation of the random value. But
that's probably net-next material.
can't we simply move the net_get_random_once to the TCP_FASTOPEN setsockopt and
sendmsg(MSG_FASTOPEN) path, so those allocations still happen in process context
but we still defer the extraction of entropy as long as posible?
Thanks,
Hannes
--
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html