on Mon, 13 Dec 2010 06:49:11PM +0800 Tinggong Wang (wangtinggong@xxxxxxxxx) wrote:
> on Mon, 13 Dec 2010 09:53:01AM +0100 Hans Schillstrom (hans.schillstrom@xxxxxxxxxxxx) wrote:
> > On Mon, 2010-12-13 at 07:29 +0100, Simon Horman wrote:
> > > On Mon, Dec 13, 2010 at 11:44:38AM +0800, Tinggong Wang wrote:
> > > > on Mon, 13 Dec 2010 06:48:06AM +0900 Simon Horman (horms@xxxxxxxxxxxx) wrote:
> > > > > [ CCed Hans Schillstrom and Julian Anastasov ]
> > > > >
> > > > > On Sun, Dec 12, 2010 at 07:42:29PM +0800, Tinggong Wang wrote:
> > > > > > Signed-off-by: Tinggong Wang <wangtinggong@xxxxxxxxx>
> > > > > > ---
> > > > > > net/netfilter/ipvs/ip_vs_sync.c | 13 ++++++++-----
> > > > > > 1 files changed, 8 insertions(+), 5 deletions(-)
> > > > > >
> > > > > > diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c
> > > > > > index 7632a17..2b6b0cb 100644
> > > > > > --- a/net/netfilter/ipvs/ip_vs_sync.c
> > > > > > +++ b/net/netfilter/ipvs/ip_vs_sync.c
> > > > > > @@ -315,11 +315,6 @@ static void ip_vs_process_message(const char *buffer, const size_t buflen)
> > > > > > char *p;
> > > > > > int i;
> > > > > >
> > > > > > - if (buflen < SYNC_MESG_HEADER_LEN) {
> > > > > > - IP_VS_ERR_RL("sync message header too short\n");
> > > > > > - return;
> > > > > > - }
> > > > > > -
> > > > > > /* Convert size back to host byte order */
> > > > > > m->size = ntohs(m->size);
> > > > > >
> > > > > > @@ -823,6 +818,14 @@ static int sync_thread_backup(void *data)
> > > > > > break;
> > > > > > }
> > > > > >
> > > > > > + /* throw invalid data before local_bh_disable,
> > > > > > + * so performance won't be downgraded by it
> > > > > > + */
> > > > > > + if (len < SYNC_MESG_HEADER_LEN) {
> > > > > > + IP_VS_ERR_RL("sync message header too short\n");
> > > > > > + continue;
> > > > > > + }
> > > > > > +
> > > > > > /* disable bottom half, because it accesses the data
> > > > > > shared by softirq while getting/creating conns */
> > > > > > local_bh_disable();
> > > > > > --
> > > > > > 1.7.2.3
> > > > > >
> > > > >
> > > > > Could you explain the motivation for this change?
> > > >
> > > > in my opinion, before local_bh_disable, should ensure packets are look
> > > > like more resonable.
> > > >
> > > > local_bh_disable will disable all bottom-half processing on local cpu,
> > > > if the multicast group flood of packets containing bad sync message,
> > > > local cpu will be busy doing local_bh_disable and local_bh_enable.
> > > >
> > > > if the backup pc has only one cpu, all other tasks will be pending until
> > > > the flood finished.
> > >
> > > Ok, that does sound reasonable to some extent. But realistically
> > > this should only occur if bogus packets are being sent. And in
> > > that case it would be possible for bogus packets to be more carefully
> > > crafted such that we need to enter ip_vs_process_message() anyway.
> > > So I'm not sure if there really is a gain here.
> > >
> > I do agree, first of all It's a multicast and they are never opened in
> > firewall so who should flood us?
> > (If IPVS addr and port is open close it)
> > I don't think the extra rows actually adds anything as you say.
> >
> Yes, it has small possibility to occur. and this patch only make sense
> when the bogus packets length less than SYNC_MESG_HEADER_LEN.
>
> but if it occurs, for example, someone write a program, join the
> multicast group cursorily, and floods bogus packets accidentally.
> backup's performace will be downgraded.
>
> is this scenario should be included? if so, i'll try to improve this
> patch.
>
> Thanks!
this patch disable bottom half after sanity check.
it will slightly improve backup's performance when bogus packets not
using the sync message format.
>From 19c9d8bd38d3d4694ff5d0f6e16d02fcc13b7f1e Mon Sep 17 00:00:00 2001
From: Tinggong Wang <wangtinggong@xxxxxxxxx>
Date: Tue, 14 Dec 2010 01:42:18 +0800
Subject: [PATCH] ipvs: check data validation before local_bh_disable
Signed-off-by: Tinggong Wang <wangtinggong@xxxxxxxxx>
---
net/netfilter/ipvs/ip_vs_sync.c | 21 ++++++++++++---------
1 files changed, 12 insertions(+), 9 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c
index c1c167a..077fcdf 100644
--- a/net/netfilter/ipvs/ip_vs_sync.c
+++ b/net/netfilter/ipvs/ip_vs_sync.c
@@ -1105,6 +1105,11 @@ static void ip_vs_process_message(__u8 *buffer, const size_t buflen)
IP_VS_DBG(7, "BACKUP, Ignoring syncid = %d\n", m2->syncid);
return;
}
+
+ /* disable bottom half, because it accesses the data
+ shared by softirq while getting/creating conns */
+ local_bh_disable();
+
/* Handle version 1 message */
if ((m2->version == SYNC_PROTO_VER) && (m2->reserved == 0)
&& (m2->spare == 0)) {
@@ -1120,7 +1125,7 @@ static void ip_vs_process_message(__u8 *buffer, const size_t buflen)
p = msg_end;
if (p + sizeof(s->v4) > buffer+buflen) {
IP_VS_ERR_RL("BACKUP, Dropping buffer, to small\n");
- return;
+ goto out;
}
s = (union ip_vs_sync_conn *)p;
size = ntohs(s->v4.ver_size) & SVER_MASK;
@@ -1128,18 +1133,18 @@ static void ip_vs_process_message(__u8 *buffer, const size_t buflen)
/* Basic sanity checks */
if (msg_end > buffer+buflen) {
IP_VS_ERR_RL("BACKUP, Dropping buffer, msg > buffer\n");
- return;
+ goto out;
}
if (ntohs(s->v4.ver_size) >> SVER_SHIFT) {
IP_VS_ERR_RL("BACKUP, Dropping buffer, Unknown version %d\n",
ntohs(s->v4.ver_size) >> SVER_SHIFT);
- return;
+ goto out;
}
/* Process a single sync_conn */
if ((retc=ip_vs_proc_sync_conn(p, msg_end)) < 0) {
IP_VS_ERR_RL("BACKUP, Dropping buffer, Err: %d in decoding\n",
retc);
- return;
+ goto out;
}
/* Make sure we have 32 bit alignment */
msg_end = p + ((size + 3) & ~3);
@@ -1147,8 +1152,10 @@ static void ip_vs_process_message(__u8 *buffer, const size_t buflen)
} else {
/* Old type of message */
ip_vs_process_message_v0(buffer, buflen);
- return;
}
+
+out:
+ local_bh_enable();
}
@@ -1497,11 +1504,7 @@ static int sync_thread_backup(void *data)
break;
}
- /* disable bottom half, because it accesses the data
- shared by softirq while getting/creating conns */
- local_bh_disable();
ip_vs_process_message(tinfo->buf, len);
- local_bh_enable();
}
}
--
1.7.2.3
--
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
