Message ID | 20231106024413.2801438-10-almasrymina@google.com |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:8f47:0:b0:403:3b70:6f57 with SMTP id j7csp2408322vqu; Sun, 5 Nov 2023 18:46:41 -0800 (PST) X-Google-Smtp-Source: AGHT+IEctpitXyyLkuJcAzMNanvApg/e4C3y3t1mjlpW0Pd3TxitfdPpeqbiiT/aIUiBILJ2prkr X-Received: by 2002:a17:902:f90e:b0:1cc:5ce4:f657 with SMTP id kw14-20020a170902f90e00b001cc5ce4f657mr10175996plb.29.1699238801131; Sun, 05 Nov 2023 18:46:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1699238801; cv=none; d=google.com; s=arc-20160816; b=RWp4cmxNJ+zowXG7s52nilLhI+6ThDFY+mtgIrBJKW0ECYqZL2NUK7Yp4AxvLOi7sG fwJWfOfRL0lYqPPmVd4o5Qq1AkLkmiVDoKlqFwJm4t1Z2EZAeN2TTKU+Mwd5CZ1VkGsq PgL7xbrsM8o/S3IuV3uXLjUeCY3W5rw+MCcJU3ug1iYZxn3V8xV4pR/3vSmgngQas9+v UmKXD+6ET4wvCsrVejgB3UwknS7t5NUVLQJtePplVfc+GAl+WAyvfESUewBP72uJLN24 WyqTQ6xTZcBx1E7YmKCtwvn3zK5wKE33GridsvlB2jkHka1I4klrI6pvTYuZWJwX9fl6 UaWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=usFyJYQLl60eSImLOMHMcBI1gyuI+rh6zXVKki6RWDo=; fh=VbsQUsSy2K9z2+PhiP7mYRWSYfWA3hQEIPFL548Z5fY=; b=tbBsZVZHs97HpmxkZ94wWGjRqBz9w/2pOPgb7mJwIrPABBv8UWn/srzfpQNqeoA/dJ 1FHAthlI2kqJnqZcv7mxGFGhxDN8N9KNmBnT5zKouSwVy2fDiZFeAne0YvVPQhYZ/suJ xmfHrT0C9YVTsIVEwed7URlgvCww5rEede/B7aFeCqHmIjr8acxsh1v8zxIjW/NWsrpy zMDRxK1W6eelEInROQyO95kbicazTa49QYMUAwfuP4IwQZMJD4XZqmE7bRoprccCKtSE v+Wsz1r7ETyLZTRkF+k5uklLTL6dExUfE7JdU7Pki0BxQTl+2I0JV4iZvfs5N3gxj++a yDFA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=Sw2Qxo6h; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7]) by mx.google.com with ESMTPS id k18-20020a170902c41200b001bb8a57d518si7885660plk.379.2023.11.05.18.46.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 05 Nov 2023 18:46:41 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=Sw2Qxo6h; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 9E1A5806AFC5; Sun, 5 Nov 2023 18:45:40 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230481AbjKFCp2 (ORCPT <rfc822;heyuhang3455@gmail.com> + 34 others); Sun, 5 Nov 2023 21:45:28 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41340 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230306AbjKFCpI (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Sun, 5 Nov 2023 21:45:08 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9E4E710D0 for <linux-kernel@vger.kernel.org>; Sun, 5 Nov 2023 18:44:38 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-5af592fed43so44619357b3.2 for <linux-kernel@vger.kernel.org>; Sun, 05 Nov 2023 18:44:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1699238678; x=1699843478; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=usFyJYQLl60eSImLOMHMcBI1gyuI+rh6zXVKki6RWDo=; b=Sw2Qxo6hljiPC+R/aCGYaxTwhtItTCveRcTmoasNYc7C7x6QeFiSh4R5eitD5oc1gb 4eUcOhMUOsA28IVds/lpf0wz2TDqIIHsMIpuUviKqWoXEJmhsBQXiPHfbMn+Qc6l3Yx5 eL/QQK7UQk2HIrfuBD6geyfbNaAOjnokdXgx7iTP4ek5yEtnQfBDLal6xtGBnL7MdAzI HX7cMoA6puYwu8hM3KPxBa/Fc0VrzmEYPgyn0AnJhhHe54IrvJzcf/dNWbd1TXNKayHp mJ8DONV1yZ07W4sqTOjPt15TGtvxtMz4VEoHaG7zAVDyi8IvpAH6+rA7V08frAq1owVx Rl5A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699238678; x=1699843478; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=usFyJYQLl60eSImLOMHMcBI1gyuI+rh6zXVKki6RWDo=; b=ofBuYkOaYWp+v6M1BXt0uchhVjcCjD+Ur5qj3sCgsf91GORcX4c+Yvg7Gw+8aj0h05 uK7ietLlwtZVB5VtcHL2bsVjCi+7Hmt2WxxvDzeFPhpVOx46kNITQHz+rxL391QAzJ83 1MOXyQee3ibO+XZ8xsracmIVzKu0S4ueGJRqpx45UJ9Tm/JHMeSBpjNOpMUf+b+WTywy ONeZxYBZlq96rJLUwJJoWV17vwgx7gpix61NtNRtKAqCdSXopKlfRdntrLCdqRI1mVZi CzsQoiz36RfsKX4atD6ETG9y6dghd6606KjvOoQjJDApp7aS4bNfXTNqeqLJ+KV5ncyc jSZw== X-Gm-Message-State: AOJu0Yy04AZyEi04GBdkdmvIMJVlxrshKMhiHczP/Ya6KZGd35VkntW3 pCs/55DdAKcykb2BSdbkj4y4TiNi5Kq5FqYKoQ== X-Received: from almasrymina.svl.corp.google.com ([2620:15c:2c4:200:35de:fff:97b7:db3e]) (user=almasrymina job=sendgmr) by 2002:a81:5215:0:b0:5a7:acc1:5142 with SMTP id g21-20020a815215000000b005a7acc15142mr176056ywb.8.1699238677822; Sun, 05 Nov 2023 18:44:37 -0800 (PST) Date: Sun, 5 Nov 2023 18:44:08 -0800 In-Reply-To: <20231106024413.2801438-1-almasrymina@google.com> Mime-Version: 1.0 References: <20231106024413.2801438-1-almasrymina@google.com> X-Mailer: git-send-email 2.42.0.869.gea05f2083d-goog Message-ID: <20231106024413.2801438-10-almasrymina@google.com> Subject: [RFC PATCH v3 09/12] net: add support for skbs with unreadable frags From: Mina Almasry <almasrymina@google.com> To: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org, linaro-mm-sig@lists.linaro.org Cc: Mina Almasry <almasrymina@google.com>, "David S. Miller" <davem@davemloft.net>, Eric Dumazet <edumazet@google.com>, Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>, Jesper Dangaard Brouer <hawk@kernel.org>, Ilias Apalodimas <ilias.apalodimas@linaro.org>, Arnd Bergmann <arnd@arndb.de>, David Ahern <dsahern@kernel.org>, Willem de Bruijn <willemdebruijn.kernel@gmail.com>, Shuah Khan <shuah@kernel.org>, Sumit Semwal <sumit.semwal@linaro.org>, " =?utf-8?q?Christian_K=C3=B6nig?= " <christian.koenig@amd.com>, Shakeel Butt <shakeelb@google.com>, Jeroen de Borst <jeroendb@google.com>, Praveen Kaligineedi <pkaligineedi@google.com>, Willem de Bruijn <willemb@google.com>, Kaiyuan Zhang <kaiyuanz@google.com> Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Sun, 05 Nov 2023 18:45:40 -0800 (PST) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1781781025047743836 X-GMAIL-MSGID: 1781781025047743836 |
Series |
Device Memory TCP
|
|
Commit Message
Mina Almasry
Nov. 6, 2023, 2:44 a.m. UTC
For device memory TCP, we expect the skb headers to be available in host memory for access, and we expect the skb frags to be in device memory and unaccessible to the host. We expect there to be no mixing and matching of device memory frags (unaccessible) with host memory frags (accessible) in the same skb. Add a skb->devmem flag which indicates whether the frags in this skb are device memory frags or not. __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, and marks the skb as skb->devmem accordingly. Add checks through the network stack to avoid accessing the frags of devmem skbs and avoid coalescing devmem skbs with non devmem skbs. Signed-off-by: Willem de Bruijn <willemb@google.com> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> Signed-off-by: Mina Almasry <almasrymina@google.com> --- include/linux/skbuff.h | 14 +++++++- include/net/tcp.h | 5 +-- net/core/datagram.c | 6 ++++ net/core/gro.c | 5 ++- net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ net/ipv4/tcp.c | 6 ++++ net/ipv4/tcp_input.c | 13 +++++-- net/ipv4/tcp_output.c | 5 ++- net/packet/af_packet.c | 4 +-- 9 files changed, 115 insertions(+), 20 deletions(-)
Comments
On 11/05, Mina Almasry wrote: > For device memory TCP, we expect the skb headers to be available in host > memory for access, and we expect the skb frags to be in device memory > and unaccessible to the host. We expect there to be no mixing and > matching of device memory frags (unaccessible) with host memory frags > (accessible) in the same skb. > > Add a skb->devmem flag which indicates whether the frags in this skb > are device memory frags or not. > > __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > and marks the skb as skb->devmem accordingly. > > Add checks through the network stack to avoid accessing the frags of > devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > Signed-off-by: Willem de Bruijn <willemb@google.com> > Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > Signed-off-by: Mina Almasry <almasrymina@google.com> > > --- > include/linux/skbuff.h | 14 +++++++- > include/net/tcp.h | 5 +-- > net/core/datagram.c | 6 ++++ > net/core/gro.c | 5 ++- > net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > net/ipv4/tcp.c | 6 ++++ > net/ipv4/tcp_input.c | 13 +++++-- > net/ipv4/tcp_output.c | 5 ++- > net/packet/af_packet.c | 4 +-- > 9 files changed, 115 insertions(+), 20 deletions(-) > > diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > index 1fae276c1353..8fb468ff8115 100644 > --- a/include/linux/skbuff.h > +++ b/include/linux/skbuff.h > @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > * @csum_level: indicates the number of consecutive checksums found in > * the packet minus one that have been verified as > * CHECKSUM_UNNECESSARY (max 3) > + * @devmem: indicates that all the fragments in this skb are backed by > + * device memory. > * @dst_pending_confirm: need to confirm neighbour > * @decrypted: Decrypted SKB > * @slow_gro: state present at GRO time, slower prepare step required > @@ -991,7 +993,7 @@ struct sk_buff { > #if IS_ENABLED(CONFIG_IP_SCTP) > __u8 csum_not_inet:1; > #endif > - > + __u8 devmem:1; > #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > __u16 tc_index; /* traffic control index */ > #endif > @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > __skb_zcopy_downgrade_managed(skb); > } > > +/* Return true if frags in this skb are not readable by the host. */ > +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > +{ > + return skb->devmem; bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? It better communicates the fact that the stack shouldn't dereference the frags (because it has 'devmem' fragments or for some other potential future reason).
On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > On 11/05, Mina Almasry wrote: >> For device memory TCP, we expect the skb headers to be available in host >> memory for access, and we expect the skb frags to be in device memory >> and unaccessible to the host. We expect there to be no mixing and >> matching of device memory frags (unaccessible) with host memory frags >> (accessible) in the same skb. >> >> Add a skb->devmem flag which indicates whether the frags in this skb >> are device memory frags or not. >> >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, >> and marks the skb as skb->devmem accordingly. >> >> Add checks through the network stack to avoid accessing the frags of >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. >> >> Signed-off-by: Willem de Bruijn <willemb@google.com> >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> >> Signed-off-by: Mina Almasry <almasrymina@google.com> >> >> --- >> include/linux/skbuff.h | 14 +++++++- >> include/net/tcp.h | 5 +-- >> net/core/datagram.c | 6 ++++ >> net/core/gro.c | 5 ++- >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ >> net/ipv4/tcp.c | 6 ++++ >> net/ipv4/tcp_input.c | 13 +++++-- >> net/ipv4/tcp_output.c | 5 ++- >> net/packet/af_packet.c | 4 +-- >> 9 files changed, 115 insertions(+), 20 deletions(-) >> >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h >> index 1fae276c1353..8fb468ff8115 100644 >> --- a/include/linux/skbuff.h >> +++ b/include/linux/skbuff.h >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; >> * @csum_level: indicates the number of consecutive checksums found in >> * the packet minus one that have been verified as >> * CHECKSUM_UNNECESSARY (max 3) >> + * @devmem: indicates that all the fragments in this skb are backed by >> + * device memory. >> * @dst_pending_confirm: need to confirm neighbour >> * @decrypted: Decrypted SKB >> * @slow_gro: state present at GRO time, slower prepare step required >> @@ -991,7 +993,7 @@ struct sk_buff { >> #if IS_ENABLED(CONFIG_IP_SCTP) >> __u8 csum_not_inet:1; >> #endif >> - >> + __u8 devmem:1; >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) >> __u16 tc_index; /* traffic control index */ >> #endif >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) >> __skb_zcopy_downgrade_managed(skb); >> } >> >> +/* Return true if frags in this skb are not readable by the host. */ >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) >> +{ >> + return skb->devmem; > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > It better communicates the fact that the stack shouldn't dereference the > frags (because it has 'devmem' fragments or for some other potential > future reason). +1. Also, the flag on the skb is an optimization - a high level signal that one or more frags is in unreadable memory. There is no requirement that all of the frags are in the same memory type.
On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > On 11/05, Mina Almasry wrote: > >> For device memory TCP, we expect the skb headers to be available in host > >> memory for access, and we expect the skb frags to be in device memory > >> and unaccessible to the host. We expect there to be no mixing and > >> matching of device memory frags (unaccessible) with host memory frags > >> (accessible) in the same skb. > >> > >> Add a skb->devmem flag which indicates whether the frags in this skb > >> are device memory frags or not. > >> > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > >> and marks the skb as skb->devmem accordingly. > >> > >> Add checks through the network stack to avoid accessing the frags of > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > >> > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > >> > >> --- > >> include/linux/skbuff.h | 14 +++++++- > >> include/net/tcp.h | 5 +-- > >> net/core/datagram.c | 6 ++++ > >> net/core/gro.c | 5 ++- > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > >> net/ipv4/tcp.c | 6 ++++ > >> net/ipv4/tcp_input.c | 13 +++++-- > >> net/ipv4/tcp_output.c | 5 ++- > >> net/packet/af_packet.c | 4 +-- > >> 9 files changed, 115 insertions(+), 20 deletions(-) > >> > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > >> index 1fae276c1353..8fb468ff8115 100644 > >> --- a/include/linux/skbuff.h > >> +++ b/include/linux/skbuff.h > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > >> * @csum_level: indicates the number of consecutive checksums found in > >> * the packet minus one that have been verified as > >> * CHECKSUM_UNNECESSARY (max 3) > >> + * @devmem: indicates that all the fragments in this skb are backed by > >> + * device memory. > >> * @dst_pending_confirm: need to confirm neighbour > >> * @decrypted: Decrypted SKB > >> * @slow_gro: state present at GRO time, slower prepare step required > >> @@ -991,7 +993,7 @@ struct sk_buff { > >> #if IS_ENABLED(CONFIG_IP_SCTP) > >> __u8 csum_not_inet:1; > >> #endif > >> - > >> + __u8 devmem:1; > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > >> __u16 tc_index; /* traffic control index */ > >> #endif > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > >> __skb_zcopy_downgrade_managed(skb); > >> } > >> > >> +/* Return true if frags in this skb are not readable by the host. */ > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > >> +{ > >> + return skb->devmem; > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > It better communicates the fact that the stack shouldn't dereference the > > frags (because it has 'devmem' fragments or for some other potential > > future reason). > > +1. > > Also, the flag on the skb is an optimization - a high level signal that > one or more frags is in unreadable memory. There is no requirement that > all of the frags are in the same memory type. The flag indicates that the skb contains all devmem dma-buf memory specifically, not generic 'not_readable' frags as the comment says: + * @devmem: indicates that all the fragments in this skb are backed by + * device memory. The reason it's not a generic 'not_readable' flag is because handing off a generic not_readable skb to the userspace is semantically not what we're doing. recvmsg() is augmented in this patch series to return a devmem skb to the user via a cmsg_devmem struct which refers specifically to the memory in the dma-buf. recvmsg() in this patch series is not augmented to give any 'not_readable' skb to the userspace. IMHO skb->devmem + an skb_frags_not_readable() as implemented is correct. If a new type of unreadable skbs are introduced to the stack, I imagine the stack would implement: 1. new header flag: skb->newmem 2. static inline bool skb_frags_not_readable(const struct skb_buff *skb) { return skb->devmem || skb->newmem; } 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch series, but tcp_recvmsg_newmem() would handle skb->newmem skbs.
On 11/05, Mina Almasry wrote: > For device memory TCP, we expect the skb headers to be available in host > memory for access, and we expect the skb frags to be in device memory > and unaccessible to the host. We expect there to be no mixing and > matching of device memory frags (unaccessible) with host memory frags > (accessible) in the same skb. > > Add a skb->devmem flag which indicates whether the frags in this skb > are device memory frags or not. > > __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > and marks the skb as skb->devmem accordingly. > > Add checks through the network stack to avoid accessing the frags of > devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > Signed-off-by: Willem de Bruijn <willemb@google.com> > Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > Signed-off-by: Mina Almasry <almasrymina@google.com> [..] > - snaplen = skb->len; > + snaplen = skb_frags_not_readable(skb) ? skb_headlen(skb) : skb->len; > > res = run_filter(skb, sk, snaplen); > if (!res) > @@ -2279,7 +2279,7 @@ static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, > } > } > > - snaplen = skb->len; > + snaplen = skb_frags_not_readable(skb) ? skb_headlen(skb) : skb->len; > > res = run_filter(skb, sk, snaplen); > if (!res) Not sure it covers 100% of bpf. We might need to double-check bpf_xdp_copy_buf which is having its own, non-skb shinfo and frags. And in general, xdp can reference those shinfo frags early... (xdp part happens before we create an skb with all devmem association)
On 11/06, Mina Almasry wrote: > On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > > On 11/05, Mina Almasry wrote: > > >> For device memory TCP, we expect the skb headers to be available in host > > >> memory for access, and we expect the skb frags to be in device memory > > >> and unaccessible to the host. We expect there to be no mixing and > > >> matching of device memory frags (unaccessible) with host memory frags > > >> (accessible) in the same skb. > > >> > > >> Add a skb->devmem flag which indicates whether the frags in this skb > > >> are device memory frags or not. > > >> > > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > > >> and marks the skb as skb->devmem accordingly. > > >> > > >> Add checks through the network stack to avoid accessing the frags of > > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > >> > > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > > >> > > >> --- > > >> include/linux/skbuff.h | 14 +++++++- > > >> include/net/tcp.h | 5 +-- > > >> net/core/datagram.c | 6 ++++ > > >> net/core/gro.c | 5 ++- > > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > > >> net/ipv4/tcp.c | 6 ++++ > > >> net/ipv4/tcp_input.c | 13 +++++-- > > >> net/ipv4/tcp_output.c | 5 ++- > > >> net/packet/af_packet.c | 4 +-- > > >> 9 files changed, 115 insertions(+), 20 deletions(-) > > >> > > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > >> index 1fae276c1353..8fb468ff8115 100644 > > >> --- a/include/linux/skbuff.h > > >> +++ b/include/linux/skbuff.h > > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > > >> * @csum_level: indicates the number of consecutive checksums found in > > >> * the packet minus one that have been verified as > > >> * CHECKSUM_UNNECESSARY (max 3) > > >> + * @devmem: indicates that all the fragments in this skb are backed by > > >> + * device memory. > > >> * @dst_pending_confirm: need to confirm neighbour > > >> * @decrypted: Decrypted SKB > > >> * @slow_gro: state present at GRO time, slower prepare step required > > >> @@ -991,7 +993,7 @@ struct sk_buff { > > >> #if IS_ENABLED(CONFIG_IP_SCTP) > > >> __u8 csum_not_inet:1; > > >> #endif > > >> - > > >> + __u8 devmem:1; > > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > > >> __u16 tc_index; /* traffic control index */ > > >> #endif > > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > > >> __skb_zcopy_downgrade_managed(skb); > > >> } > > >> > > >> +/* Return true if frags in this skb are not readable by the host. */ > > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > > >> +{ > > >> + return skb->devmem; > > > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > > It better communicates the fact that the stack shouldn't dereference the > > > frags (because it has 'devmem' fragments or for some other potential > > > future reason). > > > > +1. > > > > Also, the flag on the skb is an optimization - a high level signal that > > one or more frags is in unreadable memory. There is no requirement that > > all of the frags are in the same memory type. David: maybe there should be such a requirement (that they all are unreadable)? Might be easier to support initially; we can relax later on. > The flag indicates that the skb contains all devmem dma-buf memory > specifically, not generic 'not_readable' frags as the comment says: > > + * @devmem: indicates that all the fragments in this skb are backed by > + * device memory. > > The reason it's not a generic 'not_readable' flag is because handing > off a generic not_readable skb to the userspace is semantically not > what we're doing. recvmsg() is augmented in this patch series to > return a devmem skb to the user via a cmsg_devmem struct which refers > specifically to the memory in the dma-buf. recvmsg() in this patch > series is not augmented to give any 'not_readable' skb to the > userspace. > > IMHO skb->devmem + an skb_frags_not_readable() as implemented is > correct. If a new type of unreadable skbs are introduced to the stack, > I imagine the stack would implement: > > 1. new header flag: skb->newmem > 2. > > static inline bool skb_frags_not_readable(const struct skb_buff *skb) > { > return skb->devmem || skb->newmem; > } > > 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch > series, but tcp_recvmsg_newmem() would handle skb->newmem skbs. You copy it to the userspace in a special way because your frags are page_is_page_pool_iov(). I agree with David, the skb bit is just and optimization. For most of the core stack, it doesn't matter why your skb is not readable. For a few places where it matters (recvmsg?), you can double-check your frags (all or some) with page_is_page_pool_iov. Unrelated: we probably need socket to dmabuf association as well (via netlink or something). We are fundamentally receiving into and sending from a dmabuf (devmem == dmabuf). And once you have this association, recvmsg shouldn't need any new special flags.
On Mon, Nov 6, 2023 at 1:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > On 11/06, Mina Almasry wrote: > > On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > > > > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > > > On 11/05, Mina Almasry wrote: > > > >> For device memory TCP, we expect the skb headers to be available in host > > > >> memory for access, and we expect the skb frags to be in device memory > > > >> and unaccessible to the host. We expect there to be no mixing and > > > >> matching of device memory frags (unaccessible) with host memory frags > > > >> (accessible) in the same skb. > > > >> > > > >> Add a skb->devmem flag which indicates whether the frags in this skb > > > >> are device memory frags or not. > > > >> > > > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > > > >> and marks the skb as skb->devmem accordingly. > > > >> > > > >> Add checks through the network stack to avoid accessing the frags of > > > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > > >> > > > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > > > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > > > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > > > >> > > > >> --- > > > >> include/linux/skbuff.h | 14 +++++++- > > > >> include/net/tcp.h | 5 +-- > > > >> net/core/datagram.c | 6 ++++ > > > >> net/core/gro.c | 5 ++- > > > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > > > >> net/ipv4/tcp.c | 6 ++++ > > > >> net/ipv4/tcp_input.c | 13 +++++-- > > > >> net/ipv4/tcp_output.c | 5 ++- > > > >> net/packet/af_packet.c | 4 +-- > > > >> 9 files changed, 115 insertions(+), 20 deletions(-) > > > >> > > > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > > >> index 1fae276c1353..8fb468ff8115 100644 > > > >> --- a/include/linux/skbuff.h > > > >> +++ b/include/linux/skbuff.h > > > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > > > >> * @csum_level: indicates the number of consecutive checksums found in > > > >> * the packet minus one that have been verified as > > > >> * CHECKSUM_UNNECESSARY (max 3) > > > >> + * @devmem: indicates that all the fragments in this skb are backed by > > > >> + * device memory. > > > >> * @dst_pending_confirm: need to confirm neighbour > > > >> * @decrypted: Decrypted SKB > > > >> * @slow_gro: state present at GRO time, slower prepare step required > > > >> @@ -991,7 +993,7 @@ struct sk_buff { > > > >> #if IS_ENABLED(CONFIG_IP_SCTP) > > > >> __u8 csum_not_inet:1; > > > >> #endif > > > >> - > > > >> + __u8 devmem:1; > > > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > > > >> __u16 tc_index; /* traffic control index */ > > > >> #endif > > > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > > > >> __skb_zcopy_downgrade_managed(skb); > > > >> } > > > >> > > > >> +/* Return true if frags in this skb are not readable by the host. */ > > > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > > > >> +{ > > > >> + return skb->devmem; > > > > > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > > > It better communicates the fact that the stack shouldn't dereference the > > > > frags (because it has 'devmem' fragments or for some other potential > > > > future reason). > > > > > > +1. > > > > > > Also, the flag on the skb is an optimization - a high level signal that > > > one or more frags is in unreadable memory. There is no requirement that > > > all of the frags are in the same memory type. > > David: maybe there should be such a requirement (that they all are > unreadable)? Might be easier to support initially; we can relax later > on. > Currently devmem == not_readable, and the restriction is that all the frags in the same skb must be either all readable or all unreadable (all devmem or all non-devmem). > > The flag indicates that the skb contains all devmem dma-buf memory > > specifically, not generic 'not_readable' frags as the comment says: > > > > + * @devmem: indicates that all the fragments in this skb are backed by > > + * device memory. > > > > The reason it's not a generic 'not_readable' flag is because handing > > off a generic not_readable skb to the userspace is semantically not > > what we're doing. recvmsg() is augmented in this patch series to > > return a devmem skb to the user via a cmsg_devmem struct which refers > > specifically to the memory in the dma-buf. recvmsg() in this patch > > series is not augmented to give any 'not_readable' skb to the > > userspace. > > > > IMHO skb->devmem + an skb_frags_not_readable() as implemented is > > correct. If a new type of unreadable skbs are introduced to the stack, > > I imagine the stack would implement: > > > > 1. new header flag: skb->newmem > > 2. > > > > static inline bool skb_frags_not_readable(const struct skb_buff *skb) > > { > > return skb->devmem || skb->newmem; > > } > > > > 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch > > series, but tcp_recvmsg_newmem() would handle skb->newmem skbs. > > You copy it to the userspace in a special way because your frags > are page_is_page_pool_iov(). I agree with David, the skb bit is > just and optimization. > > For most of the core stack, it doesn't matter why your skb is not > readable. For a few places where it matters (recvmsg?), you can > double-check your frags (all or some) with page_is_page_pool_iov. > I see, we can do that then. I.e. make the header flag 'not_readable' and check the frags to decide to delegate to tcp_recvmsg_devmem() or something else. We can even assume not_readable == devmem because currently devmem is the only type of unreadable frag currently. > Unrelated: we probably need socket to dmabuf association as well (via > netlink or something). Not sure this is possible. The dma-buf is bound to the rx-queue, and any packets that land on that rx-queue are bound to that dma-buf, regardless of which socket that packet belongs to. So the association IMO must be rx-queue to dma-buf, not socket to dma-buf. > We are fundamentally receiving into and sending from a dmabuf (devmem == > dmabuf). > And once you have this association, recvmsg shouldn't need any new > special flags.
On 11/06, Mina Almasry wrote: > On Mon, Nov 6, 2023 at 1:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > On 11/06, Mina Almasry wrote: > > > On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > > > > > > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > > > > On 11/05, Mina Almasry wrote: > > > > >> For device memory TCP, we expect the skb headers to be available in host > > > > >> memory for access, and we expect the skb frags to be in device memory > > > > >> and unaccessible to the host. We expect there to be no mixing and > > > > >> matching of device memory frags (unaccessible) with host memory frags > > > > >> (accessible) in the same skb. > > > > >> > > > > >> Add a skb->devmem flag which indicates whether the frags in this skb > > > > >> are device memory frags or not. > > > > >> > > > > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > > > > >> and marks the skb as skb->devmem accordingly. > > > > >> > > > > >> Add checks through the network stack to avoid accessing the frags of > > > > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > > > >> > > > > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > > > > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > > > > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > > > > >> > > > > >> --- > > > > >> include/linux/skbuff.h | 14 +++++++- > > > > >> include/net/tcp.h | 5 +-- > > > > >> net/core/datagram.c | 6 ++++ > > > > >> net/core/gro.c | 5 ++- > > > > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > > > > >> net/ipv4/tcp.c | 6 ++++ > > > > >> net/ipv4/tcp_input.c | 13 +++++-- > > > > >> net/ipv4/tcp_output.c | 5 ++- > > > > >> net/packet/af_packet.c | 4 +-- > > > > >> 9 files changed, 115 insertions(+), 20 deletions(-) > > > > >> > > > > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > > > >> index 1fae276c1353..8fb468ff8115 100644 > > > > >> --- a/include/linux/skbuff.h > > > > >> +++ b/include/linux/skbuff.h > > > > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > > > > >> * @csum_level: indicates the number of consecutive checksums found in > > > > >> * the packet minus one that have been verified as > > > > >> * CHECKSUM_UNNECESSARY (max 3) > > > > >> + * @devmem: indicates that all the fragments in this skb are backed by > > > > >> + * device memory. > > > > >> * @dst_pending_confirm: need to confirm neighbour > > > > >> * @decrypted: Decrypted SKB > > > > >> * @slow_gro: state present at GRO time, slower prepare step required > > > > >> @@ -991,7 +993,7 @@ struct sk_buff { > > > > >> #if IS_ENABLED(CONFIG_IP_SCTP) > > > > >> __u8 csum_not_inet:1; > > > > >> #endif > > > > >> - > > > > >> + __u8 devmem:1; > > > > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > > > > >> __u16 tc_index; /* traffic control index */ > > > > >> #endif > > > > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > > > > >> __skb_zcopy_downgrade_managed(skb); > > > > >> } > > > > >> > > > > >> +/* Return true if frags in this skb are not readable by the host. */ > > > > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > > > > >> +{ > > > > >> + return skb->devmem; > > > > > > > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > > > > It better communicates the fact that the stack shouldn't dereference the > > > > > frags (because it has 'devmem' fragments or for some other potential > > > > > future reason). > > > > > > > > +1. > > > > > > > > Also, the flag on the skb is an optimization - a high level signal that > > > > one or more frags is in unreadable memory. There is no requirement that > > > > all of the frags are in the same memory type. > > > > David: maybe there should be such a requirement (that they all are > > unreadable)? Might be easier to support initially; we can relax later > > on. > > > > Currently devmem == not_readable, and the restriction is that all the > frags in the same skb must be either all readable or all unreadable > (all devmem or all non-devmem). > > > > The flag indicates that the skb contains all devmem dma-buf memory > > > specifically, not generic 'not_readable' frags as the comment says: > > > > > > + * @devmem: indicates that all the fragments in this skb are backed by > > > + * device memory. > > > > > > The reason it's not a generic 'not_readable' flag is because handing > > > off a generic not_readable skb to the userspace is semantically not > > > what we're doing. recvmsg() is augmented in this patch series to > > > return a devmem skb to the user via a cmsg_devmem struct which refers > > > specifically to the memory in the dma-buf. recvmsg() in this patch > > > series is not augmented to give any 'not_readable' skb to the > > > userspace. > > > > > > IMHO skb->devmem + an skb_frags_not_readable() as implemented is > > > correct. If a new type of unreadable skbs are introduced to the stack, > > > I imagine the stack would implement: > > > > > > 1. new header flag: skb->newmem > > > 2. > > > > > > static inline bool skb_frags_not_readable(const struct skb_buff *skb) > > > { > > > return skb->devmem || skb->newmem; > > > } > > > > > > 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch > > > series, but tcp_recvmsg_newmem() would handle skb->newmem skbs. > > > > You copy it to the userspace in a special way because your frags > > are page_is_page_pool_iov(). I agree with David, the skb bit is > > just and optimization. > > > > For most of the core stack, it doesn't matter why your skb is not > > readable. For a few places where it matters (recvmsg?), you can > > double-check your frags (all or some) with page_is_page_pool_iov. > > > > I see, we can do that then. I.e. make the header flag 'not_readable' > and check the frags to decide to delegate to tcp_recvmsg_devmem() or > something else. We can even assume not_readable == devmem because > currently devmem is the only type of unreadable frag currently. > > > Unrelated: we probably need socket to dmabuf association as well (via > > netlink or something). > > Not sure this is possible. The dma-buf is bound to the rx-queue, and > any packets that land on that rx-queue are bound to that dma-buf, > regardless of which socket that packet belongs to. So the association > IMO must be rx-queue to dma-buf, not socket to dma-buf. But there is still always 1 dmabuf to 1 socket association (on rx), right? Because otherwise, there is no way currently to tell, at recvmsg, which dmabuf the received token belongs to. So why not have a separate control channel action to say: this socket fd is supposed to receive into this dmabuf fd? This action would put the socket into permanent 'MSG_SOCK_DEVMEM' mode. Maybe you can also put some checks at the lower level to to enforce this dmabuf association. (to avoid any potential issues with flow steering) We'll still have dmabuf to rx-queue association because of various reasons..
On Mon, Nov 6, 2023 at 2:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > On 11/06, Mina Almasry wrote: > > On Mon, Nov 6, 2023 at 1:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > On 11/06, Mina Almasry wrote: > > > > On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > > > > > > > > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > > > > > On 11/05, Mina Almasry wrote: > > > > > >> For device memory TCP, we expect the skb headers to be available in host > > > > > >> memory for access, and we expect the skb frags to be in device memory > > > > > >> and unaccessible to the host. We expect there to be no mixing and > > > > > >> matching of device memory frags (unaccessible) with host memory frags > > > > > >> (accessible) in the same skb. > > > > > >> > > > > > >> Add a skb->devmem flag which indicates whether the frags in this skb > > > > > >> are device memory frags or not. > > > > > >> > > > > > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > > > > > >> and marks the skb as skb->devmem accordingly. > > > > > >> > > > > > >> Add checks through the network stack to avoid accessing the frags of > > > > > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > > > > >> > > > > > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > > > > > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > > > > > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > > > > > >> > > > > > >> --- > > > > > >> include/linux/skbuff.h | 14 +++++++- > > > > > >> include/net/tcp.h | 5 +-- > > > > > >> net/core/datagram.c | 6 ++++ > > > > > >> net/core/gro.c | 5 ++- > > > > > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > > > > > >> net/ipv4/tcp.c | 6 ++++ > > > > > >> net/ipv4/tcp_input.c | 13 +++++-- > > > > > >> net/ipv4/tcp_output.c | 5 ++- > > > > > >> net/packet/af_packet.c | 4 +-- > > > > > >> 9 files changed, 115 insertions(+), 20 deletions(-) > > > > > >> > > > > > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > > > > >> index 1fae276c1353..8fb468ff8115 100644 > > > > > >> --- a/include/linux/skbuff.h > > > > > >> +++ b/include/linux/skbuff.h > > > > > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > > > > > >> * @csum_level: indicates the number of consecutive checksums found in > > > > > >> * the packet minus one that have been verified as > > > > > >> * CHECKSUM_UNNECESSARY (max 3) > > > > > >> + * @devmem: indicates that all the fragments in this skb are backed by > > > > > >> + * device memory. > > > > > >> * @dst_pending_confirm: need to confirm neighbour > > > > > >> * @decrypted: Decrypted SKB > > > > > >> * @slow_gro: state present at GRO time, slower prepare step required > > > > > >> @@ -991,7 +993,7 @@ struct sk_buff { > > > > > >> #if IS_ENABLED(CONFIG_IP_SCTP) > > > > > >> __u8 csum_not_inet:1; > > > > > >> #endif > > > > > >> - > > > > > >> + __u8 devmem:1; > > > > > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > > > > > >> __u16 tc_index; /* traffic control index */ > > > > > >> #endif > > > > > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > > > > > >> __skb_zcopy_downgrade_managed(skb); > > > > > >> } > > > > > >> > > > > > >> +/* Return true if frags in this skb are not readable by the host. */ > > > > > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > > > > > >> +{ > > > > > >> + return skb->devmem; > > > > > > > > > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > > > > > It better communicates the fact that the stack shouldn't dereference the > > > > > > frags (because it has 'devmem' fragments or for some other potential > > > > > > future reason). > > > > > > > > > > +1. > > > > > > > > > > Also, the flag on the skb is an optimization - a high level signal that > > > > > one or more frags is in unreadable memory. There is no requirement that > > > > > all of the frags are in the same memory type. > > > > > > David: maybe there should be such a requirement (that they all are > > > unreadable)? Might be easier to support initially; we can relax later > > > on. > > > > > > > Currently devmem == not_readable, and the restriction is that all the > > frags in the same skb must be either all readable or all unreadable > > (all devmem or all non-devmem). > > > > > > The flag indicates that the skb contains all devmem dma-buf memory > > > > specifically, not generic 'not_readable' frags as the comment says: > > > > > > > > + * @devmem: indicates that all the fragments in this skb are backed by > > > > + * device memory. > > > > > > > > The reason it's not a generic 'not_readable' flag is because handing > > > > off a generic not_readable skb to the userspace is semantically not > > > > what we're doing. recvmsg() is augmented in this patch series to > > > > return a devmem skb to the user via a cmsg_devmem struct which refers > > > > specifically to the memory in the dma-buf. recvmsg() in this patch > > > > series is not augmented to give any 'not_readable' skb to the > > > > userspace. > > > > > > > > IMHO skb->devmem + an skb_frags_not_readable() as implemented is > > > > correct. If a new type of unreadable skbs are introduced to the stack, > > > > I imagine the stack would implement: > > > > > > > > 1. new header flag: skb->newmem > > > > 2. > > > > > > > > static inline bool skb_frags_not_readable(const struct skb_buff *skb) > > > > { > > > > return skb->devmem || skb->newmem; > > > > } > > > > > > > > 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch > > > > series, but tcp_recvmsg_newmem() would handle skb->newmem skbs. > > > > > > You copy it to the userspace in a special way because your frags > > > are page_is_page_pool_iov(). I agree with David, the skb bit is > > > just and optimization. > > > > > > For most of the core stack, it doesn't matter why your skb is not > > > readable. For a few places where it matters (recvmsg?), you can > > > double-check your frags (all or some) with page_is_page_pool_iov. > > > > > > > I see, we can do that then. I.e. make the header flag 'not_readable' > > and check the frags to decide to delegate to tcp_recvmsg_devmem() or > > something else. We can even assume not_readable == devmem because > > currently devmem is the only type of unreadable frag currently. > > > > > Unrelated: we probably need socket to dmabuf association as well (via > > > netlink or something). > > > > Not sure this is possible. The dma-buf is bound to the rx-queue, and > > any packets that land on that rx-queue are bound to that dma-buf, > > regardless of which socket that packet belongs to. So the association > > IMO must be rx-queue to dma-buf, not socket to dma-buf. > > But there is still always 1 dmabuf to 1 socket association (on rx), right? > Because otherwise, there is no way currently to tell, at recvmsg, which > dmabuf the received token belongs to. > Yes, but this 1 dma-buf to 1 socket association happens because the user binds the dma-buf to an rx-queue and configures flow steering of the socket to that rx-queue. > So why not have a separate control channel action to say: this socket fd > is supposed to receive into this dmabuf fd? > This action would put > the socket into permanent 'MSG_SOCK_DEVMEM' mode. Maybe you can also > put some checks at the lower level to to enforce this dmabuf > association. (to avoid any potential issues with flow steering) > setsockopt(SO_DEVMEM_ASSERT_DMA_BUF, dmabuf_fd)? Sounds interesting, but maybe a bit of a weird API to me. Because the API can't enforce the socket to receive packets on a dma-buf (rx-queue binding + flow steering does that), but the API can assert that incoming packets are received on said dma-buf. I guess it would check packets before they are acked and would drop packets that landed on the wrong queue. I'm a bit unsure about defensively programming features (and uapi no less) to 'avoid any potential issues with flow steering'. Flow steering is supposed to work. Also if we wanted to defensively program something to avoid flow steering issues, then I'd suggest adding to cmsg_devmem the dma-buf fd that the data is on, not this setsockopt() that asserts. IMO it's a weird API for the userspace to ask the kernel to assert some condition (at least I haven't seen it before or commonly). But again, in general, I'm a bit unsure about defensively designing uapi around a feature like flow steering that's supposed to work. > We'll still have dmabuf to rx-queue association because of various reasons.. -- Thanks, Mina
On 11/6/23 3:18 PM, Mina Almasry wrote: >>>>>> @@ -991,7 +993,7 @@ struct sk_buff { >>>>>> #if IS_ENABLED(CONFIG_IP_SCTP) >>>>>> __u8 csum_not_inet:1; >>>>>> #endif >>>>>> - >>>>>> + __u8 devmem:1; >>>>>> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) >>>>>> __u16 tc_index; /* traffic control index */ >>>>>> #endif >>>>>> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) >>>>>> __skb_zcopy_downgrade_managed(skb); >>>>>> } >>>>>> >>>>>> +/* Return true if frags in this skb are not readable by the host. */ >>>>>> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) >>>>>> +{ >>>>>> + return skb->devmem; >>>>> >>>>> bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? >>>>> It better communicates the fact that the stack shouldn't dereference the >>>>> frags (because it has 'devmem' fragments or for some other potential >>>>> future reason). >>>> >>>> +1. >>>> >>>> Also, the flag on the skb is an optimization - a high level signal that >>>> one or more frags is in unreadable memory. There is no requirement that >>>> all of the frags are in the same memory type. >> >> David: maybe there should be such a requirement (that they all are >> unreadable)? Might be easier to support initially; we can relax later >> on. >> > > Currently devmem == not_readable, and the restriction is that all the > frags in the same skb must be either all readable or all unreadable > (all devmem or all non-devmem). What requires that restriction? In all of the uses of skb->devmem and skb_frags_not_readable() what matters is if any frag is not readable, then frag list walk or collapse is avoided.
On Mon, Nov 6, 2023 at 3:27 PM Mina Almasry <almasrymina@google.com> wrote: > > On Mon, Nov 6, 2023 at 2:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > On 11/06, Mina Almasry wrote: > > > On Mon, Nov 6, 2023 at 1:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > > > On 11/06, Mina Almasry wrote: > > > > > On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > > > > > > > > > > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > > > > > > On 11/05, Mina Almasry wrote: > > > > > > >> For device memory TCP, we expect the skb headers to be available in host > > > > > > >> memory for access, and we expect the skb frags to be in device memory > > > > > > >> and unaccessible to the host. We expect there to be no mixing and > > > > > > >> matching of device memory frags (unaccessible) with host memory frags > > > > > > >> (accessible) in the same skb. > > > > > > >> > > > > > > >> Add a skb->devmem flag which indicates whether the frags in this skb > > > > > > >> are device memory frags or not. > > > > > > >> > > > > > > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > > > > > > >> and marks the skb as skb->devmem accordingly. > > > > > > >> > > > > > > >> Add checks through the network stack to avoid accessing the frags of > > > > > > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > > > > > >> > > > > > > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > > > > > > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > > > > > > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > > > > > > >> > > > > > > >> --- > > > > > > >> include/linux/skbuff.h | 14 +++++++- > > > > > > >> include/net/tcp.h | 5 +-- > > > > > > >> net/core/datagram.c | 6 ++++ > > > > > > >> net/core/gro.c | 5 ++- > > > > > > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > > > > > > >> net/ipv4/tcp.c | 6 ++++ > > > > > > >> net/ipv4/tcp_input.c | 13 +++++-- > > > > > > >> net/ipv4/tcp_output.c | 5 ++- > > > > > > >> net/packet/af_packet.c | 4 +-- > > > > > > >> 9 files changed, 115 insertions(+), 20 deletions(-) > > > > > > >> > > > > > > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > > > > > >> index 1fae276c1353..8fb468ff8115 100644 > > > > > > >> --- a/include/linux/skbuff.h > > > > > > >> +++ b/include/linux/skbuff.h > > > > > > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > > > > > > >> * @csum_level: indicates the number of consecutive checksums found in > > > > > > >> * the packet minus one that have been verified as > > > > > > >> * CHECKSUM_UNNECESSARY (max 3) > > > > > > >> + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > >> + * device memory. > > > > > > >> * @dst_pending_confirm: need to confirm neighbour > > > > > > >> * @decrypted: Decrypted SKB > > > > > > >> * @slow_gro: state present at GRO time, slower prepare step required > > > > > > >> @@ -991,7 +993,7 @@ struct sk_buff { > > > > > > >> #if IS_ENABLED(CONFIG_IP_SCTP) > > > > > > >> __u8 csum_not_inet:1; > > > > > > >> #endif > > > > > > >> - > > > > > > >> + __u8 devmem:1; > > > > > > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > > > > > > >> __u16 tc_index; /* traffic control index */ > > > > > > >> #endif > > > > > > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > > > > > > >> __skb_zcopy_downgrade_managed(skb); > > > > > > >> } > > > > > > >> > > > > > > >> +/* Return true if frags in this skb are not readable by the host. */ > > > > > > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > > > > > > >> +{ > > > > > > >> + return skb->devmem; > > > > > > > > > > > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > > > > > > It better communicates the fact that the stack shouldn't dereference the > > > > > > > frags (because it has 'devmem' fragments or for some other potential > > > > > > > future reason). > > > > > > > > > > > > +1. > > > > > > > > > > > > Also, the flag on the skb is an optimization - a high level signal that > > > > > > one or more frags is in unreadable memory. There is no requirement that > > > > > > all of the frags are in the same memory type. > > > > > > > > David: maybe there should be such a requirement (that they all are > > > > unreadable)? Might be easier to support initially; we can relax later > > > > on. > > > > > > > > > > Currently devmem == not_readable, and the restriction is that all the > > > frags in the same skb must be either all readable or all unreadable > > > (all devmem or all non-devmem). > > > > > > > > The flag indicates that the skb contains all devmem dma-buf memory > > > > > specifically, not generic 'not_readable' frags as the comment says: > > > > > > > > > > + * @devmem: indicates that all the fragments in this skb are backed by > > > > > + * device memory. > > > > > > > > > > The reason it's not a generic 'not_readable' flag is because handing > > > > > off a generic not_readable skb to the userspace is semantically not > > > > > what we're doing. recvmsg() is augmented in this patch series to > > > > > return a devmem skb to the user via a cmsg_devmem struct which refers > > > > > specifically to the memory in the dma-buf. recvmsg() in this patch > > > > > series is not augmented to give any 'not_readable' skb to the > > > > > userspace. > > > > > > > > > > IMHO skb->devmem + an skb_frags_not_readable() as implemented is > > > > > correct. If a new type of unreadable skbs are introduced to the stack, > > > > > I imagine the stack would implement: > > > > > > > > > > 1. new header flag: skb->newmem > > > > > 2. > > > > > > > > > > static inline bool skb_frags_not_readable(const struct skb_buff *skb) > > > > > { > > > > > return skb->devmem || skb->newmem; > > > > > } > > > > > > > > > > 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch > > > > > series, but tcp_recvmsg_newmem() would handle skb->newmem skbs. > > > > > > > > You copy it to the userspace in a special way because your frags > > > > are page_is_page_pool_iov(). I agree with David, the skb bit is > > > > just and optimization. > > > > > > > > For most of the core stack, it doesn't matter why your skb is not > > > > readable. For a few places where it matters (recvmsg?), you can > > > > double-check your frags (all or some) with page_is_page_pool_iov. > > > > > > > > > > I see, we can do that then. I.e. make the header flag 'not_readable' > > > and check the frags to decide to delegate to tcp_recvmsg_devmem() or > > > something else. We can even assume not_readable == devmem because > > > currently devmem is the only type of unreadable frag currently. > > > > > > > Unrelated: we probably need socket to dmabuf association as well (via > > > > netlink or something). > > > > > > Not sure this is possible. The dma-buf is bound to the rx-queue, and > > > any packets that land on that rx-queue are bound to that dma-buf, > > > regardless of which socket that packet belongs to. So the association > > > IMO must be rx-queue to dma-buf, not socket to dma-buf. > > > > But there is still always 1 dmabuf to 1 socket association (on rx), right? > > Because otherwise, there is no way currently to tell, at recvmsg, which > > dmabuf the received token belongs to. > > > > Yes, but this 1 dma-buf to 1 socket association happens because the > user binds the dma-buf to an rx-queue and configures flow steering of > the socket to that rx-queue. It's still fixed and won't change during the socket lifetime, right? And the socket has to know this association; otherwise those tokens are useless since they don't carry anything to identify the dmabuf. I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that it somehow implies that I have an option of passing or not passing it for an individual system call. If we know that we're going to use dmabuf with the socket, maybe we should move this flag to the socket() syscall? fd = socket(AF_INET6, SOCK_STREAM, SOCK_DEVMEM); ? > > So why not have a separate control channel action to say: this socket fd > > is supposed to receive into this dmabuf fd? > > This action would put > > the socket into permanent 'MSG_SOCK_DEVMEM' mode. Maybe you can also > > put some checks at the lower level to to enforce this dmabuf > > association. (to avoid any potential issues with flow steering) > > > > setsockopt(SO_DEVMEM_ASSERT_DMA_BUF, dmabuf_fd)? Sounds interesting, > but maybe a bit of a weird API to me. Because the API can't enforce > the socket to receive packets on a dma-buf (rx-queue binding + flow > steering does that), but the API can assert that incoming packets are > received on said dma-buf. I guess it would check packets before they > are acked and would drop packets that landed on the wrong queue. > > I'm a bit unsure about defensively programming features (and uapi no > less) to 'avoid any potential issues with flow steering'. Flow > steering is supposed to work. > > Also if we wanted to defensively program something to avoid flow > steering issues, then I'd suggest adding to cmsg_devmem the dma-buf fd > that the data is on, not this setsockopt() that asserts. IMO it's a > weird API for the userspace to ask the kernel to assert some condition > (at least I haven't seen it before or commonly). > > But again, in general, I'm a bit unsure about defensively designing > uapi around a feature like flow steering that's supposed to work.
On Mon, Nov 6, 2023 at 3:37 PM David Ahern <dsahern@kernel.org> wrote: > > On 11/6/23 3:18 PM, Mina Almasry wrote: > >>>>>> @@ -991,7 +993,7 @@ struct sk_buff { > >>>>>> #if IS_ENABLED(CONFIG_IP_SCTP) > >>>>>> __u8 csum_not_inet:1; > >>>>>> #endif > >>>>>> - > >>>>>> + __u8 devmem:1; > >>>>>> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > >>>>>> __u16 tc_index; /* traffic control index */ > >>>>>> #endif > >>>>>> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > >>>>>> __skb_zcopy_downgrade_managed(skb); > >>>>>> } > >>>>>> > >>>>>> +/* Return true if frags in this skb are not readable by the host. */ > >>>>>> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > >>>>>> +{ > >>>>>> + return skb->devmem; > >>>>> > >>>>> bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > >>>>> It better communicates the fact that the stack shouldn't dereference the > >>>>> frags (because it has 'devmem' fragments or for some other potential > >>>>> future reason). > >>>> > >>>> +1. > >>>> > >>>> Also, the flag on the skb is an optimization - a high level signal that > >>>> one or more frags is in unreadable memory. There is no requirement that > >>>> all of the frags are in the same memory type. > >> > >> David: maybe there should be such a requirement (that they all are > >> unreadable)? Might be easier to support initially; we can relax later > >> on. > >> > > > > Currently devmem == not_readable, and the restriction is that all the > > frags in the same skb must be either all readable or all unreadable > > (all devmem or all non-devmem). > > What requires that restriction? In all of the uses of skb->devmem and > skb_frags_not_readable() what matters is if any frag is not readable, > then frag list walk or collapse is avoided. > > Currently only tcp_recvmsg_devmem(), I think. tcp_recvmsg_locked() delegates to tcp_recvmsg_devmem() if skb->devmem, and tcp_recvmsg_devmem() net_err's if it finds a non-iov frag in the skb. This is done for some simplicity, because iov's are given to the user via cmsg, but pages are copied into the linear buffer. I think it would be confusing for the user if we simultaneously copied some data to the linear buffer and gave them a devmem cmsgs in the same recvmsg() call. So, my simplicity is: 1. in a single skb, all frags must be devmem or non-devmem, no mixing. 2. In a single recvmsg() call, we only process devmem or non-devmem skbs, no mixing.
On Mon, Nov 6, 2023 at 3:55 PM Stanislav Fomichev <sdf@google.com> wrote: > > On Mon, Nov 6, 2023 at 3:27 PM Mina Almasry <almasrymina@google.com> wrote: > > > > On Mon, Nov 6, 2023 at 2:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > On 11/06, Mina Almasry wrote: > > > > On Mon, Nov 6, 2023 at 1:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > > > > > On 11/06, Mina Almasry wrote: > > > > > > On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > > > > > > > > > > > > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > > > > > > > On 11/05, Mina Almasry wrote: > > > > > > > >> For device memory TCP, we expect the skb headers to be available in host > > > > > > > >> memory for access, and we expect the skb frags to be in device memory > > > > > > > >> and unaccessible to the host. We expect there to be no mixing and > > > > > > > >> matching of device memory frags (unaccessible) with host memory frags > > > > > > > >> (accessible) in the same skb. > > > > > > > >> > > > > > > > >> Add a skb->devmem flag which indicates whether the frags in this skb > > > > > > > >> are device memory frags or not. > > > > > > > >> > > > > > > > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > > > > > > > >> and marks the skb as skb->devmem accordingly. > > > > > > > >> > > > > > > > >> Add checks through the network stack to avoid accessing the frags of > > > > > > > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > > > > > > >> > > > > > > > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > > > > > > > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > > > > > > > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > > > > > > > >> > > > > > > > >> --- > > > > > > > >> include/linux/skbuff.h | 14 +++++++- > > > > > > > >> include/net/tcp.h | 5 +-- > > > > > > > >> net/core/datagram.c | 6 ++++ > > > > > > > >> net/core/gro.c | 5 ++- > > > > > > > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > > > > > > > >> net/ipv4/tcp.c | 6 ++++ > > > > > > > >> net/ipv4/tcp_input.c | 13 +++++-- > > > > > > > >> net/ipv4/tcp_output.c | 5 ++- > > > > > > > >> net/packet/af_packet.c | 4 +-- > > > > > > > >> 9 files changed, 115 insertions(+), 20 deletions(-) > > > > > > > >> > > > > > > > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > > > > > > >> index 1fae276c1353..8fb468ff8115 100644 > > > > > > > >> --- a/include/linux/skbuff.h > > > > > > > >> +++ b/include/linux/skbuff.h > > > > > > > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > > > > > > > >> * @csum_level: indicates the number of consecutive checksums found in > > > > > > > >> * the packet minus one that have been verified as > > > > > > > >> * CHECKSUM_UNNECESSARY (max 3) > > > > > > > >> + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > > >> + * device memory. > > > > > > > >> * @dst_pending_confirm: need to confirm neighbour > > > > > > > >> * @decrypted: Decrypted SKB > > > > > > > >> * @slow_gro: state present at GRO time, slower prepare step required > > > > > > > >> @@ -991,7 +993,7 @@ struct sk_buff { > > > > > > > >> #if IS_ENABLED(CONFIG_IP_SCTP) > > > > > > > >> __u8 csum_not_inet:1; > > > > > > > >> #endif > > > > > > > >> - > > > > > > > >> + __u8 devmem:1; > > > > > > > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > > > > > > > >> __u16 tc_index; /* traffic control index */ > > > > > > > >> #endif > > > > > > > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > > > > > > > >> __skb_zcopy_downgrade_managed(skb); > > > > > > > >> } > > > > > > > >> > > > > > > > >> +/* Return true if frags in this skb are not readable by the host. */ > > > > > > > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > > > > > > > >> +{ > > > > > > > >> + return skb->devmem; > > > > > > > > > > > > > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > > > > > > > It better communicates the fact that the stack shouldn't dereference the > > > > > > > > frags (because it has 'devmem' fragments or for some other potential > > > > > > > > future reason). > > > > > > > > > > > > > > +1. > > > > > > > > > > > > > > Also, the flag on the skb is an optimization - a high level signal that > > > > > > > one or more frags is in unreadable memory. There is no requirement that > > > > > > > all of the frags are in the same memory type. > > > > > > > > > > David: maybe there should be such a requirement (that they all are > > > > > unreadable)? Might be easier to support initially; we can relax later > > > > > on. > > > > > > > > > > > > > Currently devmem == not_readable, and the restriction is that all the > > > > frags in the same skb must be either all readable or all unreadable > > > > (all devmem or all non-devmem). > > > > > > > > > > The flag indicates that the skb contains all devmem dma-buf memory > > > > > > specifically, not generic 'not_readable' frags as the comment says: > > > > > > > > > > > > + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > + * device memory. > > > > > > > > > > > > The reason it's not a generic 'not_readable' flag is because handing > > > > > > off a generic not_readable skb to the userspace is semantically not > > > > > > what we're doing. recvmsg() is augmented in this patch series to > > > > > > return a devmem skb to the user via a cmsg_devmem struct which refers > > > > > > specifically to the memory in the dma-buf. recvmsg() in this patch > > > > > > series is not augmented to give any 'not_readable' skb to the > > > > > > userspace. > > > > > > > > > > > > IMHO skb->devmem + an skb_frags_not_readable() as implemented is > > > > > > correct. If a new type of unreadable skbs are introduced to the stack, > > > > > > I imagine the stack would implement: > > > > > > > > > > > > 1. new header flag: skb->newmem > > > > > > 2. > > > > > > > > > > > > static inline bool skb_frags_not_readable(const struct skb_buff *skb) > > > > > > { > > > > > > return skb->devmem || skb->newmem; > > > > > > } > > > > > > > > > > > > 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch > > > > > > series, but tcp_recvmsg_newmem() would handle skb->newmem skbs. > > > > > > > > > > You copy it to the userspace in a special way because your frags > > > > > are page_is_page_pool_iov(). I agree with David, the skb bit is > > > > > just and optimization. > > > > > > > > > > For most of the core stack, it doesn't matter why your skb is not > > > > > readable. For a few places where it matters (recvmsg?), you can > > > > > double-check your frags (all or some) with page_is_page_pool_iov. > > > > > > > > > > > > > I see, we can do that then. I.e. make the header flag 'not_readable' > > > > and check the frags to decide to delegate to tcp_recvmsg_devmem() or > > > > something else. We can even assume not_readable == devmem because > > > > currently devmem is the only type of unreadable frag currently. > > > > > > > > > Unrelated: we probably need socket to dmabuf association as well (via > > > > > netlink or something). > > > > > > > > Not sure this is possible. The dma-buf is bound to the rx-queue, and > > > > any packets that land on that rx-queue are bound to that dma-buf, > > > > regardless of which socket that packet belongs to. So the association > > > > IMO must be rx-queue to dma-buf, not socket to dma-buf. > > > > > > But there is still always 1 dmabuf to 1 socket association (on rx), right? > > > Because otherwise, there is no way currently to tell, at recvmsg, which > > > dmabuf the received token belongs to. > > > > > > > Yes, but this 1 dma-buf to 1 socket association happens because the > > user binds the dma-buf to an rx-queue and configures flow steering of > > the socket to that rx-queue. > > It's still fixed and won't change during the socket lifetime, right? > And the socket has to know this association; otherwise those tokens > are useless since they don't carry anything to identify the dmabuf. > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > it somehow implies that I have an option of passing or not passing it > for an individual system call. > If we know that we're going to use dmabuf with the socket, maybe we > should move this flag to the socket() syscall? > > fd = socket(AF_INET6, SOCK_STREAM, SOCK_DEVMEM); > > ? I think it should then be a setsockopt called before any data is exchanged, with no change of modifying mode later. We generally use setsockopts for the mode of a socket. This use of the protocol field in socket() for setting a mode would be novel. Also, it might miss passively opened connections, or be overly restrictive: one approach for all accepted child sockets.
On 11/06, Willem de Bruijn wrote: > On Mon, Nov 6, 2023 at 3:55 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > On Mon, Nov 6, 2023 at 3:27 PM Mina Almasry <almasrymina@google.com> wrote: > > > > > > On Mon, Nov 6, 2023 at 2:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > > > On 11/06, Mina Almasry wrote: > > > > > On Mon, Nov 6, 2023 at 1:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > > > > > > > On 11/06, Mina Almasry wrote: > > > > > > > On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > > > > > > > > > > > > > > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > > > > > > > > On 11/05, Mina Almasry wrote: > > > > > > > > >> For device memory TCP, we expect the skb headers to be available in host > > > > > > > > >> memory for access, and we expect the skb frags to be in device memory > > > > > > > > >> and unaccessible to the host. We expect there to be no mixing and > > > > > > > > >> matching of device memory frags (unaccessible) with host memory frags > > > > > > > > >> (accessible) in the same skb. > > > > > > > > >> > > > > > > > > >> Add a skb->devmem flag which indicates whether the frags in this skb > > > > > > > > >> are device memory frags or not. > > > > > > > > >> > > > > > > > > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > > > > > > > > >> and marks the skb as skb->devmem accordingly. > > > > > > > > >> > > > > > > > > >> Add checks through the network stack to avoid accessing the frags of > > > > > > > > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > > > > > > > >> > > > > > > > > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > > > > > > > > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > > > > > > > > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > > > > > > > > >> > > > > > > > > >> --- > > > > > > > > >> include/linux/skbuff.h | 14 +++++++- > > > > > > > > >> include/net/tcp.h | 5 +-- > > > > > > > > >> net/core/datagram.c | 6 ++++ > > > > > > > > >> net/core/gro.c | 5 ++- > > > > > > > > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > > > > > > > > >> net/ipv4/tcp.c | 6 ++++ > > > > > > > > >> net/ipv4/tcp_input.c | 13 +++++-- > > > > > > > > >> net/ipv4/tcp_output.c | 5 ++- > > > > > > > > >> net/packet/af_packet.c | 4 +-- > > > > > > > > >> 9 files changed, 115 insertions(+), 20 deletions(-) > > > > > > > > >> > > > > > > > > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > > > > > > > >> index 1fae276c1353..8fb468ff8115 100644 > > > > > > > > >> --- a/include/linux/skbuff.h > > > > > > > > >> +++ b/include/linux/skbuff.h > > > > > > > > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > > > > > > > > >> * @csum_level: indicates the number of consecutive checksums found in > > > > > > > > >> * the packet minus one that have been verified as > > > > > > > > >> * CHECKSUM_UNNECESSARY (max 3) > > > > > > > > >> + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > > > >> + * device memory. > > > > > > > > >> * @dst_pending_confirm: need to confirm neighbour > > > > > > > > >> * @decrypted: Decrypted SKB > > > > > > > > >> * @slow_gro: state present at GRO time, slower prepare step required > > > > > > > > >> @@ -991,7 +993,7 @@ struct sk_buff { > > > > > > > > >> #if IS_ENABLED(CONFIG_IP_SCTP) > > > > > > > > >> __u8 csum_not_inet:1; > > > > > > > > >> #endif > > > > > > > > >> - > > > > > > > > >> + __u8 devmem:1; > > > > > > > > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > > > > > > > > >> __u16 tc_index; /* traffic control index */ > > > > > > > > >> #endif > > > > > > > > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > > > > > > > > >> __skb_zcopy_downgrade_managed(skb); > > > > > > > > >> } > > > > > > > > >> > > > > > > > > >> +/* Return true if frags in this skb are not readable by the host. */ > > > > > > > > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > > > > > > > > >> +{ > > > > > > > > >> + return skb->devmem; > > > > > > > > > > > > > > > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > > > > > > > > It better communicates the fact that the stack shouldn't dereference the > > > > > > > > > frags (because it has 'devmem' fragments or for some other potential > > > > > > > > > future reason). > > > > > > > > > > > > > > > > +1. > > > > > > > > > > > > > > > > Also, the flag on the skb is an optimization - a high level signal that > > > > > > > > one or more frags is in unreadable memory. There is no requirement that > > > > > > > > all of the frags are in the same memory type. > > > > > > > > > > > > David: maybe there should be such a requirement (that they all are > > > > > > unreadable)? Might be easier to support initially; we can relax later > > > > > > on. > > > > > > > > > > > > > > > > Currently devmem == not_readable, and the restriction is that all the > > > > > frags in the same skb must be either all readable or all unreadable > > > > > (all devmem or all non-devmem). > > > > > > > > > > > > The flag indicates that the skb contains all devmem dma-buf memory > > > > > > > specifically, not generic 'not_readable' frags as the comment says: > > > > > > > > > > > > > > + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > > + * device memory. > > > > > > > > > > > > > > The reason it's not a generic 'not_readable' flag is because handing > > > > > > > off a generic not_readable skb to the userspace is semantically not > > > > > > > what we're doing. recvmsg() is augmented in this patch series to > > > > > > > return a devmem skb to the user via a cmsg_devmem struct which refers > > > > > > > specifically to the memory in the dma-buf. recvmsg() in this patch > > > > > > > series is not augmented to give any 'not_readable' skb to the > > > > > > > userspace. > > > > > > > > > > > > > > IMHO skb->devmem + an skb_frags_not_readable() as implemented is > > > > > > > correct. If a new type of unreadable skbs are introduced to the stack, > > > > > > > I imagine the stack would implement: > > > > > > > > > > > > > > 1. new header flag: skb->newmem > > > > > > > 2. > > > > > > > > > > > > > > static inline bool skb_frags_not_readable(const struct skb_buff *skb) > > > > > > > { > > > > > > > return skb->devmem || skb->newmem; > > > > > > > } > > > > > > > > > > > > > > 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch > > > > > > > series, but tcp_recvmsg_newmem() would handle skb->newmem skbs. > > > > > > > > > > > > You copy it to the userspace in a special way because your frags > > > > > > are page_is_page_pool_iov(). I agree with David, the skb bit is > > > > > > just and optimization. > > > > > > > > > > > > For most of the core stack, it doesn't matter why your skb is not > > > > > > readable. For a few places where it matters (recvmsg?), you can > > > > > > double-check your frags (all or some) with page_is_page_pool_iov. > > > > > > > > > > > > > > > > I see, we can do that then. I.e. make the header flag 'not_readable' > > > > > and check the frags to decide to delegate to tcp_recvmsg_devmem() or > > > > > something else. We can even assume not_readable == devmem because > > > > > currently devmem is the only type of unreadable frag currently. > > > > > > > > > > > Unrelated: we probably need socket to dmabuf association as well (via > > > > > > netlink or something). > > > > > > > > > > Not sure this is possible. The dma-buf is bound to the rx-queue, and > > > > > any packets that land on that rx-queue are bound to that dma-buf, > > > > > regardless of which socket that packet belongs to. So the association > > > > > IMO must be rx-queue to dma-buf, not socket to dma-buf. > > > > > > > > But there is still always 1 dmabuf to 1 socket association (on rx), right? > > > > Because otherwise, there is no way currently to tell, at recvmsg, which > > > > dmabuf the received token belongs to. > > > > > > > > > > Yes, but this 1 dma-buf to 1 socket association happens because the > > > user binds the dma-buf to an rx-queue and configures flow steering of > > > the socket to that rx-queue. > > > > It's still fixed and won't change during the socket lifetime, right? > > And the socket has to know this association; otherwise those tokens > > are useless since they don't carry anything to identify the dmabuf. > > > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > > it somehow implies that I have an option of passing or not passing it > > for an individual system call. > > If we know that we're going to use dmabuf with the socket, maybe we > > should move this flag to the socket() syscall? > > > > fd = socket(AF_INET6, SOCK_STREAM, SOCK_DEVMEM); > > > > ? > > I think it should then be a setsockopt called before any data is > exchanged, with no change of modifying mode later. We generally use > setsockopts for the mode of a socket. This use of the protocol field > in socket() for setting a mode would be novel. Also, it might miss > passively opened connections, or be overly restrictive: one approach > for all accepted child sockets. I was thinking this is similar to SOCK_CLOEXEC or SOCK_NONBLOCK? There are plenty of bits we can grab. But setsockopt works as well!
On 11/5/23 7:44 PM, Mina Almasry wrote: > diff --git a/net/core/datagram.c b/net/core/datagram.c > index 176eb5834746..cdd4fb129968 100644 > --- a/net/core/datagram.c > +++ b/net/core/datagram.c > @@ -425,6 +425,9 @@ static int __skb_datagram_iter(const struct sk_buff *skb, int offset, > return 0; > } > > + if (skb_frags_not_readable(skb)) > + goto short_copy; > + > /* Copy paged appendix. Hmm... why does this look so complicated? */ > for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { > int end; > @@ -616,6 +619,9 @@ int __zerocopy_sg_from_iter(struct msghdr *msg, struct sock *sk, > { > int frag; > > + if (skb_frags_not_readable(skb)) > + return -EFAULT; This check .... > + > if (msg && msg->msg_ubuf && msg->sg_from_iter) > return msg->sg_from_iter(sk, skb, from, length); ... should go here. That allows custome sg_from_iter to have access to the skb. What matters is not expecting struct page (e.g., refcounting); if the custom iter does not do that then all is well. io_uring's iter does not look at the pages, so all good. > > diff --git a/net/core/gro.c b/net/core/gro.c > index 42d7f6755f32..56046d65386a 100644 > --- a/net/core/gro.c > +++ b/net/core/gro.c > @@ -390,6 +390,9 @@ static void gro_pull_from_frag0(struct sk_buff *skb, int grow) > { > struct skb_shared_info *pinfo = skb_shinfo(skb); > > + if (WARN_ON_ONCE(skb_frags_not_readable(skb))) > + return; > + > BUG_ON(skb->end - skb->tail < grow); > > memcpy(skb_tail_pointer(skb), NAPI_GRO_CB(skb)->frag0, grow); > @@ -411,7 +414,7 @@ static void gro_try_pull_from_frag0(struct sk_buff *skb) > { > int grow = skb_gro_offset(skb) - skb_headlen(skb); > > - if (grow > 0) > + if (grow > 0 && !skb_frags_not_readable(skb)) > gro_pull_from_frag0(skb, grow); > } > > diff --git a/net/core/skbuff.c b/net/core/skbuff.c > index 13eca4fd25e1..f01673ed2eff 100644 > --- a/net/core/skbuff.c > +++ b/net/core/skbuff.c > @@ -1230,6 +1230,14 @@ void skb_dump(const char *level, const struct sk_buff *skb, bool full_pkt) > struct page *p; > u8 *vaddr; > > + if (skb_frag_is_page_pool_iov(frag)) { Why skb_frag_is_page_pool_iov here vs skb_frags_not_readable?
On Mon, Nov 6, 2023 at 4:08 PM Willem de Bruijn <willemdebruijn.kernel@gmail.com> wrote: > > On Mon, Nov 6, 2023 at 3:55 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > On Mon, Nov 6, 2023 at 3:27 PM Mina Almasry <almasrymina@google.com> wrote: > > > > > > On Mon, Nov 6, 2023 at 2:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > > > On 11/06, Mina Almasry wrote: > > > > > On Mon, Nov 6, 2023 at 1:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > > > > > > > On 11/06, Mina Almasry wrote: > > > > > > > On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > > > > > > > > > > > > > > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > > > > > > > > On 11/05, Mina Almasry wrote: > > > > > > > > >> For device memory TCP, we expect the skb headers to be available in host > > > > > > > > >> memory for access, and we expect the skb frags to be in device memory > > > > > > > > >> and unaccessible to the host. We expect there to be no mixing and > > > > > > > > >> matching of device memory frags (unaccessible) with host memory frags > > > > > > > > >> (accessible) in the same skb. > > > > > > > > >> > > > > > > > > >> Add a skb->devmem flag which indicates whether the frags in this skb > > > > > > > > >> are device memory frags or not. > > > > > > > > >> > > > > > > > > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > > > > > > > > >> and marks the skb as skb->devmem accordingly. > > > > > > > > >> > > > > > > > > >> Add checks through the network stack to avoid accessing the frags of > > > > > > > > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > > > > > > > >> > > > > > > > > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > > > > > > > > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > > > > > > > > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > > > > > > > > >> > > > > > > > > >> --- > > > > > > > > >> include/linux/skbuff.h | 14 +++++++- > > > > > > > > >> include/net/tcp.h | 5 +-- > > > > > > > > >> net/core/datagram.c | 6 ++++ > > > > > > > > >> net/core/gro.c | 5 ++- > > > > > > > > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > > > > > > > > >> net/ipv4/tcp.c | 6 ++++ > > > > > > > > >> net/ipv4/tcp_input.c | 13 +++++-- > > > > > > > > >> net/ipv4/tcp_output.c | 5 ++- > > > > > > > > >> net/packet/af_packet.c | 4 +-- > > > > > > > > >> 9 files changed, 115 insertions(+), 20 deletions(-) > > > > > > > > >> > > > > > > > > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > > > > > > > >> index 1fae276c1353..8fb468ff8115 100644 > > > > > > > > >> --- a/include/linux/skbuff.h > > > > > > > > >> +++ b/include/linux/skbuff.h > > > > > > > > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > > > > > > > > >> * @csum_level: indicates the number of consecutive checksums found in > > > > > > > > >> * the packet minus one that have been verified as > > > > > > > > >> * CHECKSUM_UNNECESSARY (max 3) > > > > > > > > >> + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > > > >> + * device memory. > > > > > > > > >> * @dst_pending_confirm: need to confirm neighbour > > > > > > > > >> * @decrypted: Decrypted SKB > > > > > > > > >> * @slow_gro: state present at GRO time, slower prepare step required > > > > > > > > >> @@ -991,7 +993,7 @@ struct sk_buff { > > > > > > > > >> #if IS_ENABLED(CONFIG_IP_SCTP) > > > > > > > > >> __u8 csum_not_inet:1; > > > > > > > > >> #endif > > > > > > > > >> - > > > > > > > > >> + __u8 devmem:1; > > > > > > > > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > > > > > > > > >> __u16 tc_index; /* traffic control index */ > > > > > > > > >> #endif > > > > > > > > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > > > > > > > > >> __skb_zcopy_downgrade_managed(skb); > > > > > > > > >> } > > > > > > > > >> > > > > > > > > >> +/* Return true if frags in this skb are not readable by the host. */ > > > > > > > > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > > > > > > > > >> +{ > > > > > > > > >> + return skb->devmem; > > > > > > > > > > > > > > > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > > > > > > > > It better communicates the fact that the stack shouldn't dereference the > > > > > > > > > frags (because it has 'devmem' fragments or for some other potential > > > > > > > > > future reason). > > > > > > > > > > > > > > > > +1. > > > > > > > > > > > > > > > > Also, the flag on the skb is an optimization - a high level signal that > > > > > > > > one or more frags is in unreadable memory. There is no requirement that > > > > > > > > all of the frags are in the same memory type. > > > > > > > > > > > > David: maybe there should be such a requirement (that they all are > > > > > > unreadable)? Might be easier to support initially; we can relax later > > > > > > on. > > > > > > > > > > > > > > > > Currently devmem == not_readable, and the restriction is that all the > > > > > frags in the same skb must be either all readable or all unreadable > > > > > (all devmem or all non-devmem). > > > > > > > > > > > > The flag indicates that the skb contains all devmem dma-buf memory > > > > > > > specifically, not generic 'not_readable' frags as the comment says: > > > > > > > > > > > > > > + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > > + * device memory. > > > > > > > > > > > > > > The reason it's not a generic 'not_readable' flag is because handing > > > > > > > off a generic not_readable skb to the userspace is semantically not > > > > > > > what we're doing. recvmsg() is augmented in this patch series to > > > > > > > return a devmem skb to the user via a cmsg_devmem struct which refers > > > > > > > specifically to the memory in the dma-buf. recvmsg() in this patch > > > > > > > series is not augmented to give any 'not_readable' skb to the > > > > > > > userspace. > > > > > > > > > > > > > > IMHO skb->devmem + an skb_frags_not_readable() as implemented is > > > > > > > correct. If a new type of unreadable skbs are introduced to the stack, > > > > > > > I imagine the stack would implement: > > > > > > > > > > > > > > 1. new header flag: skb->newmem > > > > > > > 2. > > > > > > > > > > > > > > static inline bool skb_frags_not_readable(const struct skb_buff *skb) > > > > > > > { > > > > > > > return skb->devmem || skb->newmem; > > > > > > > } > > > > > > > > > > > > > > 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch > > > > > > > series, but tcp_recvmsg_newmem() would handle skb->newmem skbs. > > > > > > > > > > > > You copy it to the userspace in a special way because your frags > > > > > > are page_is_page_pool_iov(). I agree with David, the skb bit is > > > > > > just and optimization. > > > > > > > > > > > > For most of the core stack, it doesn't matter why your skb is not > > > > > > readable. For a few places where it matters (recvmsg?), you can > > > > > > double-check your frags (all or some) with page_is_page_pool_iov. > > > > > > > > > > > > > > > > I see, we can do that then. I.e. make the header flag 'not_readable' > > > > > and check the frags to decide to delegate to tcp_recvmsg_devmem() or > > > > > something else. We can even assume not_readable == devmem because > > > > > currently devmem is the only type of unreadable frag currently. > > > > > > > > > > > Unrelated: we probably need socket to dmabuf association as well (via > > > > > > netlink or something). > > > > > > > > > > Not sure this is possible. The dma-buf is bound to the rx-queue, and > > > > > any packets that land on that rx-queue are bound to that dma-buf, > > > > > regardless of which socket that packet belongs to. So the association > > > > > IMO must be rx-queue to dma-buf, not socket to dma-buf. > > > > > > > > But there is still always 1 dmabuf to 1 socket association (on rx), right? > > > > Because otherwise, there is no way currently to tell, at recvmsg, which > > > > dmabuf the received token belongs to. > > > > > > > > > > Yes, but this 1 dma-buf to 1 socket association happens because the > > > user binds the dma-buf to an rx-queue and configures flow steering of > > > the socket to that rx-queue. > > > > It's still fixed and won't change during the socket lifetime, right? Technically, no. The user is free to modify or delete flow steering rules outside of the lifetime of the socket. Technically it's possible for the user to reconfigure flow steering while the socket is simultaneously receiving, and the result will be packets switching from devmem to non-devmem. For a reasonably correctly configured application the application would probably want to steer 1 flow to 1 dma-buf and never change it, but this is not something we enforce, but rather the user orchestrates. In theory someone can find a use case for configuring and unconfigure flow steering during a connection. > > And the socket has to know this association; otherwise those tokens > > are useless since they don't carry anything to identify the dmabuf. > > > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > > it somehow implies that I have an option of passing or not passing it > > for an individual system call. You do have the option of passing it or not passing it per system call. The MSG_SOCK_DEVMEM says the application is willing to receive devmem cmsgs - that's all. The application doesn't get to decide whether it's actually going to receive a devmem cmsg or not, because that's dictated by the type of skb that is present in the receive queue, and not up to the application. I should explain this in the commit message... > > If we know that we're going to use dmabuf with the socket, maybe we > > should move this flag to the socket() syscall? > > > > fd = socket(AF_INET6, SOCK_STREAM, SOCK_DEVMEM); > > > > ? > > I think it should then be a setsockopt called before any data is > exchanged, with no change of modifying mode later. We generally use > setsockopts for the mode of a socket. This use of the protocol field > in socket() for setting a mode would be novel. Also, it might miss > passively opened connections, or be overly restrictive: one approach > for all accepted child sockets. We can definitely move SOCK_DEVMEM to a setsockopt(). Seems more than reasonable.
On Mon, Nov 6, 2023 at 4:16 PM David Ahern <dsahern@kernel.org> wrote: > > On 11/5/23 7:44 PM, Mina Almasry wrote: > > diff --git a/net/core/datagram.c b/net/core/datagram.c > > index 176eb5834746..cdd4fb129968 100644 > > --- a/net/core/datagram.c > > +++ b/net/core/datagram.c > > @@ -425,6 +425,9 @@ static int __skb_datagram_iter(const struct sk_buff *skb, int offset, > > return 0; > > } > > > > + if (skb_frags_not_readable(skb)) > > + goto short_copy; > > + > > /* Copy paged appendix. Hmm... why does this look so complicated? */ > > for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { > > int end; > > @@ -616,6 +619,9 @@ int __zerocopy_sg_from_iter(struct msghdr *msg, struct sock *sk, > > { > > int frag; > > > > + if (skb_frags_not_readable(skb)) > > + return -EFAULT; > > This check .... > > + > > if (msg && msg->msg_ubuf && msg->sg_from_iter) > > return msg->sg_from_iter(sk, skb, from, length); > > > ... should go here. That allows custome sg_from_iter to have access to > the skb. What matters is not expecting struct page (e.g., refcounting); > if the custom iter does not do that then all is well. io_uring's iter > does not look at the pages, so all good. > > > > > diff --git a/net/core/gro.c b/net/core/gro.c > > index 42d7f6755f32..56046d65386a 100644 > > --- a/net/core/gro.c > > +++ b/net/core/gro.c > > @@ -390,6 +390,9 @@ static void gro_pull_from_frag0(struct sk_buff *skb, int grow) > > { > > struct skb_shared_info *pinfo = skb_shinfo(skb); > > > > + if (WARN_ON_ONCE(skb_frags_not_readable(skb))) > > + return; > > + > > BUG_ON(skb->end - skb->tail < grow); > > > > memcpy(skb_tail_pointer(skb), NAPI_GRO_CB(skb)->frag0, grow); > > @@ -411,7 +414,7 @@ static void gro_try_pull_from_frag0(struct sk_buff *skb) > > { > > int grow = skb_gro_offset(skb) - skb_headlen(skb); > > > > - if (grow > 0) > > + if (grow > 0 && !skb_frags_not_readable(skb)) > > gro_pull_from_frag0(skb, grow); > > } > > > > diff --git a/net/core/skbuff.c b/net/core/skbuff.c > > index 13eca4fd25e1..f01673ed2eff 100644 > > --- a/net/core/skbuff.c > > +++ b/net/core/skbuff.c > > @@ -1230,6 +1230,14 @@ void skb_dump(const char *level, const struct sk_buff *skb, bool full_pkt) > > struct page *p; > > u8 *vaddr; > > > > + if (skb_frag_is_page_pool_iov(frag)) { > > Why skb_frag_is_page_pool_iov here vs skb_frags_not_readable? Seems like a silly choice on my end. I should probably check skb_frags_not_readable() and not kmap any frags in that case. Will do.
On 11/06, Stanislav Fomichev wrote: > On 11/06, Willem de Bruijn wrote: > > On Mon, Nov 6, 2023 at 3:55 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > On Mon, Nov 6, 2023 at 3:27 PM Mina Almasry <almasrymina@google.com> wrote: > > > > > > > > On Mon, Nov 6, 2023 at 2:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > > > > > On 11/06, Mina Almasry wrote: > > > > > > On Mon, Nov 6, 2023 at 1:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > > > > > > > > > On 11/06, Mina Almasry wrote: > > > > > > > > On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > > > > > > > > > > > > > > > > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > > > > > > > > > On 11/05, Mina Almasry wrote: > > > > > > > > > >> For device memory TCP, we expect the skb headers to be available in host > > > > > > > > > >> memory for access, and we expect the skb frags to be in device memory > > > > > > > > > >> and unaccessible to the host. We expect there to be no mixing and > > > > > > > > > >> matching of device memory frags (unaccessible) with host memory frags > > > > > > > > > >> (accessible) in the same skb. > > > > > > > > > >> > > > > > > > > > >> Add a skb->devmem flag which indicates whether the frags in this skb > > > > > > > > > >> are device memory frags or not. > > > > > > > > > >> > > > > > > > > > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > > > > > > > > > >> and marks the skb as skb->devmem accordingly. > > > > > > > > > >> > > > > > > > > > >> Add checks through the network stack to avoid accessing the frags of > > > > > > > > > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > > > > > > > > >> > > > > > > > > > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > > > > > > > > > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > > > > > > > > > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > > > > > > > > > >> > > > > > > > > > >> --- > > > > > > > > > >> include/linux/skbuff.h | 14 +++++++- > > > > > > > > > >> include/net/tcp.h | 5 +-- > > > > > > > > > >> net/core/datagram.c | 6 ++++ > > > > > > > > > >> net/core/gro.c | 5 ++- > > > > > > > > > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > > > > > > > > > >> net/ipv4/tcp.c | 6 ++++ > > > > > > > > > >> net/ipv4/tcp_input.c | 13 +++++-- > > > > > > > > > >> net/ipv4/tcp_output.c | 5 ++- > > > > > > > > > >> net/packet/af_packet.c | 4 +-- > > > > > > > > > >> 9 files changed, 115 insertions(+), 20 deletions(-) > > > > > > > > > >> > > > > > > > > > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > > > > > > > > >> index 1fae276c1353..8fb468ff8115 100644 > > > > > > > > > >> --- a/include/linux/skbuff.h > > > > > > > > > >> +++ b/include/linux/skbuff.h > > > > > > > > > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > > > > > > > > > >> * @csum_level: indicates the number of consecutive checksums found in > > > > > > > > > >> * the packet minus one that have been verified as > > > > > > > > > >> * CHECKSUM_UNNECESSARY (max 3) > > > > > > > > > >> + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > > > > >> + * device memory. > > > > > > > > > >> * @dst_pending_confirm: need to confirm neighbour > > > > > > > > > >> * @decrypted: Decrypted SKB > > > > > > > > > >> * @slow_gro: state present at GRO time, slower prepare step required > > > > > > > > > >> @@ -991,7 +993,7 @@ struct sk_buff { > > > > > > > > > >> #if IS_ENABLED(CONFIG_IP_SCTP) > > > > > > > > > >> __u8 csum_not_inet:1; > > > > > > > > > >> #endif > > > > > > > > > >> - > > > > > > > > > >> + __u8 devmem:1; > > > > > > > > > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > > > > > > > > > >> __u16 tc_index; /* traffic control index */ > > > > > > > > > >> #endif > > > > > > > > > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > > > > > > > > > >> __skb_zcopy_downgrade_managed(skb); > > > > > > > > > >> } > > > > > > > > > >> > > > > > > > > > >> +/* Return true if frags in this skb are not readable by the host. */ > > > > > > > > > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > > > > > > > > > >> +{ > > > > > > > > > >> + return skb->devmem; > > > > > > > > > > > > > > > > > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > > > > > > > > > It better communicates the fact that the stack shouldn't dereference the > > > > > > > > > > frags (because it has 'devmem' fragments or for some other potential > > > > > > > > > > future reason). > > > > > > > > > > > > > > > > > > +1. > > > > > > > > > > > > > > > > > > Also, the flag on the skb is an optimization - a high level signal that > > > > > > > > > one or more frags is in unreadable memory. There is no requirement that > > > > > > > > > all of the frags are in the same memory type. > > > > > > > > > > > > > > David: maybe there should be such a requirement (that they all are > > > > > > > unreadable)? Might be easier to support initially; we can relax later > > > > > > > on. > > > > > > > > > > > > > > > > > > > Currently devmem == not_readable, and the restriction is that all the > > > > > > frags in the same skb must be either all readable or all unreadable > > > > > > (all devmem or all non-devmem). > > > > > > > > > > > > > > The flag indicates that the skb contains all devmem dma-buf memory > > > > > > > > specifically, not generic 'not_readable' frags as the comment says: > > > > > > > > > > > > > > > > + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > > > + * device memory. > > > > > > > > > > > > > > > > The reason it's not a generic 'not_readable' flag is because handing > > > > > > > > off a generic not_readable skb to the userspace is semantically not > > > > > > > > what we're doing. recvmsg() is augmented in this patch series to > > > > > > > > return a devmem skb to the user via a cmsg_devmem struct which refers > > > > > > > > specifically to the memory in the dma-buf. recvmsg() in this patch > > > > > > > > series is not augmented to give any 'not_readable' skb to the > > > > > > > > userspace. > > > > > > > > > > > > > > > > IMHO skb->devmem + an skb_frags_not_readable() as implemented is > > > > > > > > correct. If a new type of unreadable skbs are introduced to the stack, > > > > > > > > I imagine the stack would implement: > > > > > > > > > > > > > > > > 1. new header flag: skb->newmem > > > > > > > > 2. > > > > > > > > > > > > > > > > static inline bool skb_frags_not_readable(const struct skb_buff *skb) > > > > > > > > { > > > > > > > > return skb->devmem || skb->newmem; > > > > > > > > } > > > > > > > > > > > > > > > > 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch > > > > > > > > series, but tcp_recvmsg_newmem() would handle skb->newmem skbs. > > > > > > > > > > > > > > You copy it to the userspace in a special way because your frags > > > > > > > are page_is_page_pool_iov(). I agree with David, the skb bit is > > > > > > > just and optimization. > > > > > > > > > > > > > > For most of the core stack, it doesn't matter why your skb is not > > > > > > > readable. For a few places where it matters (recvmsg?), you can > > > > > > > double-check your frags (all or some) with page_is_page_pool_iov. > > > > > > > > > > > > > > > > > > > I see, we can do that then. I.e. make the header flag 'not_readable' > > > > > > and check the frags to decide to delegate to tcp_recvmsg_devmem() or > > > > > > something else. We can even assume not_readable == devmem because > > > > > > currently devmem is the only type of unreadable frag currently. > > > > > > > > > > > > > Unrelated: we probably need socket to dmabuf association as well (via > > > > > > > netlink or something). > > > > > > > > > > > > Not sure this is possible. The dma-buf is bound to the rx-queue, and > > > > > > any packets that land on that rx-queue are bound to that dma-buf, > > > > > > regardless of which socket that packet belongs to. So the association > > > > > > IMO must be rx-queue to dma-buf, not socket to dma-buf. > > > > > > > > > > But there is still always 1 dmabuf to 1 socket association (on rx), right? > > > > > Because otherwise, there is no way currently to tell, at recvmsg, which > > > > > dmabuf the received token belongs to. > > > > > > > > > > > > > Yes, but this 1 dma-buf to 1 socket association happens because the > > > > user binds the dma-buf to an rx-queue and configures flow steering of > > > > the socket to that rx-queue. > > > > > > It's still fixed and won't change during the socket lifetime, right? > > > And the socket has to know this association; otherwise those tokens > > > are useless since they don't carry anything to identify the dmabuf. > > > > > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > > > it somehow implies that I have an option of passing or not passing it > > > for an individual system call. > > > If we know that we're going to use dmabuf with the socket, maybe we > > > should move this flag to the socket() syscall? > > > > > > fd = socket(AF_INET6, SOCK_STREAM, SOCK_DEVMEM); > > > > > > ? > > > > I think it should then be a setsockopt called before any data is > > exchanged, with no change of modifying mode later. We generally use > > setsockopts for the mode of a socket. This use of the protocol field > > in socket() for setting a mode would be novel. Also, it might miss > > passively opened connections, or be overly restrictive: one approach > > for all accepted child sockets. > > I was thinking this is similar to SOCK_CLOEXEC or SOCK_NONBLOCK? There > are plenty of bits we can grab. But setsockopt works as well! To follow up: if we have this flag on a socket, not on a per-message basis, can we also use recvmsg for the recycling part maybe? while (true) { memset(msg, 0, ...); /* receive the tokens */ ret = recvmsg(fd, &msg, 0); /* recycle the tokens from the above recvmsg() */ ret = recvmsg(fd, &msg, MSG_RECYCLE); } recvmsg + MSG_RECYCLE can parse the same format that regular recvmsg exports (SO_DEVMEM_OFFSET) and we can also add extra cmsg option to recycle a range. Will this be more straightforward than a setsockopt(SO_DEVMEM_DONTNEED)? Or is it more confusing?
On 11/06, Mina Almasry wrote: > On Mon, Nov 6, 2023 at 4:08 PM Willem de Bruijn > <willemdebruijn.kernel@gmail.com> wrote: > > > > On Mon, Nov 6, 2023 at 3:55 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > On Mon, Nov 6, 2023 at 3:27 PM Mina Almasry <almasrymina@google.com> wrote: > > > > > > > > On Mon, Nov 6, 2023 at 2:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > > > > > On 11/06, Mina Almasry wrote: > > > > > > On Mon, Nov 6, 2023 at 1:59 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > > > > > > > > > > On 11/06, Mina Almasry wrote: > > > > > > > > On Mon, Nov 6, 2023 at 11:34 AM David Ahern <dsahern@kernel.org> wrote: > > > > > > > > > > > > > > > > > > On 11/6/23 11:47 AM, Stanislav Fomichev wrote: > > > > > > > > > > On 11/05, Mina Almasry wrote: > > > > > > > > > >> For device memory TCP, we expect the skb headers to be available in host > > > > > > > > > >> memory for access, and we expect the skb frags to be in device memory > > > > > > > > > >> and unaccessible to the host. We expect there to be no mixing and > > > > > > > > > >> matching of device memory frags (unaccessible) with host memory frags > > > > > > > > > >> (accessible) in the same skb. > > > > > > > > > >> > > > > > > > > > >> Add a skb->devmem flag which indicates whether the frags in this skb > > > > > > > > > >> are device memory frags or not. > > > > > > > > > >> > > > > > > > > > >> __skb_fill_page_desc() now checks frags added to skbs for page_pool_iovs, > > > > > > > > > >> and marks the skb as skb->devmem accordingly. > > > > > > > > > >> > > > > > > > > > >> Add checks through the network stack to avoid accessing the frags of > > > > > > > > > >> devmem skbs and avoid coalescing devmem skbs with non devmem skbs. > > > > > > > > > >> > > > > > > > > > >> Signed-off-by: Willem de Bruijn <willemb@google.com> > > > > > > > > > >> Signed-off-by: Kaiyuan Zhang <kaiyuanz@google.com> > > > > > > > > > >> Signed-off-by: Mina Almasry <almasrymina@google.com> > > > > > > > > > >> > > > > > > > > > >> --- > > > > > > > > > >> include/linux/skbuff.h | 14 +++++++- > > > > > > > > > >> include/net/tcp.h | 5 +-- > > > > > > > > > >> net/core/datagram.c | 6 ++++ > > > > > > > > > >> net/core/gro.c | 5 ++- > > > > > > > > > >> net/core/skbuff.c | 77 ++++++++++++++++++++++++++++++++++++------ > > > > > > > > > >> net/ipv4/tcp.c | 6 ++++ > > > > > > > > > >> net/ipv4/tcp_input.c | 13 +++++-- > > > > > > > > > >> net/ipv4/tcp_output.c | 5 ++- > > > > > > > > > >> net/packet/af_packet.c | 4 +-- > > > > > > > > > >> 9 files changed, 115 insertions(+), 20 deletions(-) > > > > > > > > > >> > > > > > > > > > >> diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > > > > > > > > >> index 1fae276c1353..8fb468ff8115 100644 > > > > > > > > > >> --- a/include/linux/skbuff.h > > > > > > > > > >> +++ b/include/linux/skbuff.h > > > > > > > > > >> @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > > > > > > > > > >> * @csum_level: indicates the number of consecutive checksums found in > > > > > > > > > >> * the packet minus one that have been verified as > > > > > > > > > >> * CHECKSUM_UNNECESSARY (max 3) > > > > > > > > > >> + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > > > > >> + * device memory. > > > > > > > > > >> * @dst_pending_confirm: need to confirm neighbour > > > > > > > > > >> * @decrypted: Decrypted SKB > > > > > > > > > >> * @slow_gro: state present at GRO time, slower prepare step required > > > > > > > > > >> @@ -991,7 +993,7 @@ struct sk_buff { > > > > > > > > > >> #if IS_ENABLED(CONFIG_IP_SCTP) > > > > > > > > > >> __u8 csum_not_inet:1; > > > > > > > > > >> #endif > > > > > > > > > >> - > > > > > > > > > >> + __u8 devmem:1; > > > > > > > > > >> #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > > > > > > > > > >> __u16 tc_index; /* traffic control index */ > > > > > > > > > >> #endif > > > > > > > > > >> @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > > > > > > > > > >> __skb_zcopy_downgrade_managed(skb); > > > > > > > > > >> } > > > > > > > > > >> > > > > > > > > > >> +/* Return true if frags in this skb are not readable by the host. */ > > > > > > > > > >> +static inline bool skb_frags_not_readable(const struct sk_buff *skb) > > > > > > > > > >> +{ > > > > > > > > > >> + return skb->devmem; > > > > > > > > > > > > > > > > > > > > bikeshedding: should we also rename 'devmem' sk_buff flag to 'not_readable'? > > > > > > > > > > It better communicates the fact that the stack shouldn't dereference the > > > > > > > > > > frags (because it has 'devmem' fragments or for some other potential > > > > > > > > > > future reason). > > > > > > > > > > > > > > > > > > +1. > > > > > > > > > > > > > > > > > > Also, the flag on the skb is an optimization - a high level signal that > > > > > > > > > one or more frags is in unreadable memory. There is no requirement that > > > > > > > > > all of the frags are in the same memory type. > > > > > > > > > > > > > > David: maybe there should be such a requirement (that they all are > > > > > > > unreadable)? Might be easier to support initially; we can relax later > > > > > > > on. > > > > > > > > > > > > > > > > > > > Currently devmem == not_readable, and the restriction is that all the > > > > > > frags in the same skb must be either all readable or all unreadable > > > > > > (all devmem or all non-devmem). > > > > > > > > > > > > > > The flag indicates that the skb contains all devmem dma-buf memory > > > > > > > > specifically, not generic 'not_readable' frags as the comment says: > > > > > > > > > > > > > > > > + * @devmem: indicates that all the fragments in this skb are backed by > > > > > > > > + * device memory. > > > > > > > > > > > > > > > > The reason it's not a generic 'not_readable' flag is because handing > > > > > > > > off a generic not_readable skb to the userspace is semantically not > > > > > > > > what we're doing. recvmsg() is augmented in this patch series to > > > > > > > > return a devmem skb to the user via a cmsg_devmem struct which refers > > > > > > > > specifically to the memory in the dma-buf. recvmsg() in this patch > > > > > > > > series is not augmented to give any 'not_readable' skb to the > > > > > > > > userspace. > > > > > > > > > > > > > > > > IMHO skb->devmem + an skb_frags_not_readable() as implemented is > > > > > > > > correct. If a new type of unreadable skbs are introduced to the stack, > > > > > > > > I imagine the stack would implement: > > > > > > > > > > > > > > > > 1. new header flag: skb->newmem > > > > > > > > 2. > > > > > > > > > > > > > > > > static inline bool skb_frags_not_readable(const struct skb_buff *skb) > > > > > > > > { > > > > > > > > return skb->devmem || skb->newmem; > > > > > > > > } > > > > > > > > > > > > > > > > 3. tcp_recvmsg_devmem() would handle skb->devmem skbs is in this patch > > > > > > > > series, but tcp_recvmsg_newmem() would handle skb->newmem skbs. > > > > > > > > > > > > > > You copy it to the userspace in a special way because your frags > > > > > > > are page_is_page_pool_iov(). I agree with David, the skb bit is > > > > > > > just and optimization. > > > > > > > > > > > > > > For most of the core stack, it doesn't matter why your skb is not > > > > > > > readable. For a few places where it matters (recvmsg?), you can > > > > > > > double-check your frags (all or some) with page_is_page_pool_iov. > > > > > > > > > > > > > > > > > > > I see, we can do that then. I.e. make the header flag 'not_readable' > > > > > > and check the frags to decide to delegate to tcp_recvmsg_devmem() or > > > > > > something else. We can even assume not_readable == devmem because > > > > > > currently devmem is the only type of unreadable frag currently. > > > > > > > > > > > > > Unrelated: we probably need socket to dmabuf association as well (via > > > > > > > netlink or something). > > > > > > > > > > > > Not sure this is possible. The dma-buf is bound to the rx-queue, and > > > > > > any packets that land on that rx-queue are bound to that dma-buf, > > > > > > regardless of which socket that packet belongs to. So the association > > > > > > IMO must be rx-queue to dma-buf, not socket to dma-buf. > > > > > > > > > > But there is still always 1 dmabuf to 1 socket association (on rx), right? > > > > > Because otherwise, there is no way currently to tell, at recvmsg, which > > > > > dmabuf the received token belongs to. > > > > > > > > > > > > > Yes, but this 1 dma-buf to 1 socket association happens because the > > > > user binds the dma-buf to an rx-queue and configures flow steering of > > > > the socket to that rx-queue. > > > > > > It's still fixed and won't change during the socket lifetime, right? > > Technically, no. > > The user is free to modify or delete flow steering rules outside of > the lifetime of the socket. Technically it's possible for the user to > reconfigure flow steering while the socket is simultaneously > receiving, and the result will be packets switching > from devmem to non-devmem. For a reasonably correctly configured > application the application would probably want to steer 1 flow to 1 > dma-buf and never change it, but this is not something we enforce, but > rather the user orchestrates. In theory someone can find a use case > for configuring and unconfigure flow steering during a connection. If we do want to support this flexible configuration then we also should export some dmabuf id along with the token? > > > And the socket has to know this association; otherwise those tokens > > > are useless since they don't carry anything to identify the dmabuf. > > > > > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > > > it somehow implies that I have an option of passing or not passing it > > > for an individual system call. > > You do have the option of passing it or not passing it per system > call. The MSG_SOCK_DEVMEM says the application is willing to receive > devmem cmsgs - that's all. The application doesn't get to decide > whether it's actually going to receive a devmem cmsg or not, because > that's dictated by the type of skb that is present in the receive > queue, and not up to the application. I should explain this in the > commit message... What would be the case of passing it or not passing it? Some fallback to the host memory after flow steering update? Yeah, would be useful to document those constrains. I'd lean on starting stricter and relaxing those conditions if we find the use-cases. > > > If we know that we're going to use dmabuf with the socket, maybe we > > > should move this flag to the socket() syscall? > > > > > > fd = socket(AF_INET6, SOCK_STREAM, SOCK_DEVMEM); > > > > > > ? > > > > I think it should then be a setsockopt called before any data is > > exchanged, with no change of modifying mode later. We generally use > > setsockopts for the mode of a socket. This use of the protocol field > > in socket() for setting a mode would be novel. Also, it might miss > > passively opened connections, or be overly restrictive: one approach > > for all accepted child sockets. > > We can definitely move SOCK_DEVMEM to a setsockopt(). Seems more than > reasonable. SG, added another suggestion for SO_DEVMEM_DONTNEED on another thread with Willem. LMK what you think.
On 11/6/23 5:20 PM, Mina Almasry wrote: > The user is free to modify or delete flow steering rules outside of the > lifetime of the socket. Technically it's possible for the user to > reconfigure flow steering while the socket is simultaneously receiving, > and the result will be packets switching from devmem to non-devmem. generically, from one page pool to another (ie., devmem piece of that statement is not relevant).
> > > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > > > > it somehow implies that I have an option of passing or not passing it > > > > for an individual system call. > > > > If we know that we're going to use dmabuf with the socket, maybe we > > > > should move this flag to the socket() syscall? > > > > > > > > fd = socket(AF_INET6, SOCK_STREAM, SOCK_DEVMEM); > > > > > > > > ? > > > > > > I think it should then be a setsockopt called before any data is > > > exchanged, with no change of modifying mode later. We generally use > > > setsockopts for the mode of a socket. This use of the protocol field > > > in socket() for setting a mode would be novel. Also, it might miss > > > passively opened connections, or be overly restrictive: one approach > > > for all accepted child sockets. > > > > I was thinking this is similar to SOCK_CLOEXEC or SOCK_NONBLOCK? There > > are plenty of bits we can grab. But setsockopt works as well! > > To follow up: if we have this flag on a socket, not on a per-message > basis, can we also use recvmsg for the recycling part maybe? > > while (true) { > memset(msg, 0, ...); > > /* receive the tokens */ > ret = recvmsg(fd, &msg, 0); > > /* recycle the tokens from the above recvmsg() */ > ret = recvmsg(fd, &msg, MSG_RECYCLE); > } > > recvmsg + MSG_RECYCLE can parse the same format that regular recvmsg > exports (SO_DEVMEM_OFFSET) and we can also add extra cmsg option > to recycle a range. > > Will this be more straightforward than a setsockopt(SO_DEVMEM_DONTNEED)? > Or is it more confusing? It would have to be sendmsg, as recvmsg is a copy_to_user operation. I am not aware of any precedent in multiplexing the data stream and a control operation stream in this manner. It would also require adding a branch in the sendmsg hot path. The memory is associated with the socket, freed when the socket is closed as well as on SO_DEVMEM_DONTNEED. Fundamentally it is a socket state operation, for which setsockopt is the socket interface. Is your request purely a dislike, or is there some technical concern with BPF and setsockopt?
On 11/06, Willem de Bruijn wrote: > > > > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > > > > > it somehow implies that I have an option of passing or not passing it > > > > > for an individual system call. > > > > > If we know that we're going to use dmabuf with the socket, maybe we > > > > > should move this flag to the socket() syscall? > > > > > > > > > > fd = socket(AF_INET6, SOCK_STREAM, SOCK_DEVMEM); > > > > > > > > > > ? > > > > > > > > I think it should then be a setsockopt called before any data is > > > > exchanged, with no change of modifying mode later. We generally use > > > > setsockopts for the mode of a socket. This use of the protocol field > > > > in socket() for setting a mode would be novel. Also, it might miss > > > > passively opened connections, or be overly restrictive: one approach > > > > for all accepted child sockets. > > > > > > I was thinking this is similar to SOCK_CLOEXEC or SOCK_NONBLOCK? There > > > are plenty of bits we can grab. But setsockopt works as well! > > > > To follow up: if we have this flag on a socket, not on a per-message > > basis, can we also use recvmsg for the recycling part maybe? > > > > while (true) { > > memset(msg, 0, ...); > > > > /* receive the tokens */ > > ret = recvmsg(fd, &msg, 0); > > > > /* recycle the tokens from the above recvmsg() */ > > ret = recvmsg(fd, &msg, MSG_RECYCLE); > > } > > > > recvmsg + MSG_RECYCLE can parse the same format that regular recvmsg > > exports (SO_DEVMEM_OFFSET) and we can also add extra cmsg option > > to recycle a range. > > > > Will this be more straightforward than a setsockopt(SO_DEVMEM_DONTNEED)? > > Or is it more confusing? > > It would have to be sendmsg, as recvmsg is a copy_to_user operation. > > > I am not aware of any precedent in multiplexing the data stream and a > control operation stream in this manner. It would also require adding > a branch in the sendmsg hot path. Is it too much plumbing to copy_from_user msg_control deep in recvmsg stack where we need it? Mixing in sendmsg is indeed ugly :-( Regarding hot patch: aren't we already doing copy_to_user for the tokens in this hot path, so having one extra condition shouldn't hurt too much? > The memory is associated with the socket, freed when the socket is > closed as well as on SO_DEVMEM_DONTNEED. Fundamentally it is a socket > state operation, for which setsockopt is the socket interface. > > Is your request purely a dislike, or is there some technical concern > with BPF and setsockopt? It's mostly because I've been bitten too much by custom socket options that are not really on/off/update-value operations: 29ebbba7d461 - bpf: Don't EFAULT for {g,s}setsockopt with wrong optlen 00e74ae08638 - bpf: Don't EFAULT for getsockopt with optval=NULL 9cacf81f8161 - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE d8fe449a9c51 - bpf: Don't return EINVAL from {get,set}sockopt when optlen > PAGE_SIZE I do agree that this particular case of SO_DEVMEM_DONTNEED seems ok, but things tend to evolve and change.
On Tue, Nov 7, 2023 at 12:44 PM Stanislav Fomichev <sdf@google.com> wrote: > > On 11/06, Willem de Bruijn wrote: > > > > > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > > > > > > it somehow implies that I have an option of passing or not passing it > > > > > > for an individual system call. > > > > > > If we know that we're going to use dmabuf with the socket, maybe we > > > > > > should move this flag to the socket() syscall? > > > > > > > > > > > > fd = socket(AF_INET6, SOCK_STREAM, SOCK_DEVMEM); > > > > > > > > > > > > ? > > > > > > > > > > I think it should then be a setsockopt called before any data is > > > > > exchanged, with no change of modifying mode later. We generally use > > > > > setsockopts for the mode of a socket. This use of the protocol field > > > > > in socket() for setting a mode would be novel. Also, it might miss > > > > > passively opened connections, or be overly restrictive: one approach > > > > > for all accepted child sockets. > > > > > > > > I was thinking this is similar to SOCK_CLOEXEC or SOCK_NONBLOCK? There > > > > are plenty of bits we can grab. But setsockopt works as well! > > > > > > To follow up: if we have this flag on a socket, not on a per-message > > > basis, can we also use recvmsg for the recycling part maybe? > > > > > > while (true) { > > > memset(msg, 0, ...); > > > > > > /* receive the tokens */ > > > ret = recvmsg(fd, &msg, 0); > > > > > > /* recycle the tokens from the above recvmsg() */ > > > ret = recvmsg(fd, &msg, MSG_RECYCLE); > > > } > > > > > > recvmsg + MSG_RECYCLE can parse the same format that regular recvmsg > > > exports (SO_DEVMEM_OFFSET) and we can also add extra cmsg option > > > to recycle a range. > > > > > > Will this be more straightforward than a setsockopt(SO_DEVMEM_DONTNEED)? > > > Or is it more confusing? > > > > It would have to be sendmsg, as recvmsg is a copy_to_user operation. > > > > > > I am not aware of any precedent in multiplexing the data stream and a > > control operation stream in this manner. It would also require adding > > a branch in the sendmsg hot path. > > Is it too much plumbing to copy_from_user msg_control deep in recvmsg > stack where we need it? Mixing in sendmsg is indeed ugly :-( I tried exactly the inverse of that when originally adding MSG_ZEROCOPY: to allow piggy-backing zerocopy completion notifications on sendmsg calls by writing to sendmsg msg_control on return to user. It required significant code churn, which the performance gains did not warrant. Doing so also breaks the simple rule that recv is for reading and send is for writing. > Regarding hot patch: aren't we already doing copy_to_user for the tokens in > this hot path, so having one extra condition shouldn't hurt too much? We're doing that in the optional cmsg handling of recvmsg, which is already a slow path (compared to the data read() itself). > > The memory is associated with the socket, freed when the socket is > > closed as well as on SO_DEVMEM_DONTNEED. Fundamentally it is a socket > > state operation, for which setsockopt is the socket interface. > > > > Is your request purely a dislike, or is there some technical concern > > with BPF and setsockopt? > > It's mostly because I've been bitten too much by custom socket options that > are not really on/off/update-value operations: > > 29ebbba7d461 - bpf: Don't EFAULT for {g,s}setsockopt with wrong optlen > 00e74ae08638 - bpf: Don't EFAULT for getsockopt with optval=NULL > 9cacf81f8161 - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE > d8fe449a9c51 - bpf: Don't return EINVAL from {get,set}sockopt when optlen > PAGE_SIZE > > I do agree that this particular case of SO_DEVMEM_DONTNEED seems ok, but > things tend to evolve and change. I see. I'm a bit concerned if we start limiting what we can do in sockets because of dependencies that BPF processing places on them. The use case for BPF [gs]etsockopt is limited to specific control mode calls. Would it make sense to just exclude calls like SO_DEVMEM_DONTNEED from this interpositioning? At a high level what we really want is a high rate metadata path from user to kernel. And there are no perfect solutions. From kernel to user we use the socket error queue for this. That was never intended for high event rate itself, dealing with ICMP errors and the like before timestamps and zerocopy notifications were added. If I squint hard enough I can see some prior art in mixing data and high rate state changes within the same channel in NIC descriptor queues, where some devices do this, e.g., { "insert encryption key", "send packet" }. But fundamentally I think we should keep the socket queues for data only.
On 11/07, Willem de Bruijn wrote: > On Tue, Nov 7, 2023 at 12:44 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > On 11/06, Willem de Bruijn wrote: > > > > > > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > > > > > > > it somehow implies that I have an option of passing or not passing it > > > > > > > for an individual system call. > > > > > > > If we know that we're going to use dmabuf with the socket, maybe we > > > > > > > should move this flag to the socket() syscall? > > > > > > > > > > > > > > fd = socket(AF_INET6, SOCK_STREAM, SOCK_DEVMEM); > > > > > > > > > > > > > > ? > > > > > > > > > > > > I think it should then be a setsockopt called before any data is > > > > > > exchanged, with no change of modifying mode later. We generally use > > > > > > setsockopts for the mode of a socket. This use of the protocol field > > > > > > in socket() for setting a mode would be novel. Also, it might miss > > > > > > passively opened connections, or be overly restrictive: one approach > > > > > > for all accepted child sockets. > > > > > > > > > > I was thinking this is similar to SOCK_CLOEXEC or SOCK_NONBLOCK? There > > > > > are plenty of bits we can grab. But setsockopt works as well! > > > > > > > > To follow up: if we have this flag on a socket, not on a per-message > > > > basis, can we also use recvmsg for the recycling part maybe? > > > > > > > > while (true) { > > > > memset(msg, 0, ...); > > > > > > > > /* receive the tokens */ > > > > ret = recvmsg(fd, &msg, 0); > > > > > > > > /* recycle the tokens from the above recvmsg() */ > > > > ret = recvmsg(fd, &msg, MSG_RECYCLE); > > > > } > > > > > > > > recvmsg + MSG_RECYCLE can parse the same format that regular recvmsg > > > > exports (SO_DEVMEM_OFFSET) and we can also add extra cmsg option > > > > to recycle a range. > > > > > > > > Will this be more straightforward than a setsockopt(SO_DEVMEM_DONTNEED)? > > > > Or is it more confusing? > > > > > > It would have to be sendmsg, as recvmsg is a copy_to_user operation. > > > > > > > > > I am not aware of any precedent in multiplexing the data stream and a > > > control operation stream in this manner. It would also require adding > > > a branch in the sendmsg hot path. > > > > Is it too much plumbing to copy_from_user msg_control deep in recvmsg > > stack where we need it? Mixing in sendmsg is indeed ugly :-( > > I tried exactly the inverse of that when originally adding > MSG_ZEROCOPY: to allow piggy-backing zerocopy completion notifications > on sendmsg calls by writing to sendmsg msg_control on return to user. > It required significant code churn, which the performance gains did > not warrant. Doing so also breaks the simple rule that recv is for > reading and send is for writing. We're breaking so many rules here, so not sure we should be super constrained :-D > > Regarding hot patch: aren't we already doing copy_to_user for the tokens in > > this hot path, so having one extra condition shouldn't hurt too much? > > We're doing that in the optional cmsg handling of recvmsg, which is > already a slow path (compared to the data read() itself). > > > > The memory is associated with the socket, freed when the socket is > > > closed as well as on SO_DEVMEM_DONTNEED. Fundamentally it is a socket > > > state operation, for which setsockopt is the socket interface. > > > > > > Is your request purely a dislike, or is there some technical concern > > > with BPF and setsockopt? > > > > It's mostly because I've been bitten too much by custom socket options that > > are not really on/off/update-value operations: > > > > 29ebbba7d461 - bpf: Don't EFAULT for {g,s}setsockopt with wrong optlen > > 00e74ae08638 - bpf: Don't EFAULT for getsockopt with optval=NULL > > 9cacf81f8161 - bpf: Remove extra lock_sock for TCP_ZEROCOPY_RECEIVE > > d8fe449a9c51 - bpf: Don't return EINVAL from {get,set}sockopt when optlen > PAGE_SIZE > > > > I do agree that this particular case of SO_DEVMEM_DONTNEED seems ok, but > > things tend to evolve and change. > > I see. I'm a bit concerned if we start limiting what we can do in > sockets because of dependencies that BPF processing places on them. > The use case for BPF [gs]etsockopt is limited to specific control mode > calls. Would it make sense to just exclude calls like > SO_DEVMEM_DONTNEED from this interpositioning? Yup, that's why I'm asking. We already have ->bpf_bypass_getsockopt() to special-case tcp zerocopy. We might add another bpf_bypass_setsockopt to special case SO_DEVMEM_DONTNEED. That's why I'm trying to see if there is a better alternative. > At a high level what we really want is a high rate metadata path from > user to kernel. And there are no perfect solutions. From kernel to > user we use the socket error queue for this. That was never intended > for high event rate itself, dealing with ICMP errors and the like > before timestamps and zerocopy notifications were added. > > If I squint hard enough I can see some prior art in mixing data and > high rate state changes within the same channel in NIC descriptor > queues, where some devices do this, e.g., { "insert encryption key", > "send packet" }. But fundamentally I think we should keep the socket > queues for data only. +1, we keep taking an easy route with using sockopt for this :-( Anyway, let's see if any better suggestions pop up. Worst case - we stick with a socket option and will add a bypass on the bpf side.
On Mon, Nov 6, 2023 at 5:06 PM Stanislav Fomichev <sdf@google.com> wrote: [..] > > > > And the socket has to know this association; otherwise those tokens > > > > are useless since they don't carry anything to identify the dmabuf. > > > > > > > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > > > > it somehow implies that I have an option of passing or not passing it > > > > for an individual system call. > > > > You do have the option of passing it or not passing it per system > > call. The MSG_SOCK_DEVMEM says the application is willing to receive > > devmem cmsgs - that's all. The application doesn't get to decide > > whether it's actually going to receive a devmem cmsg or not, because > > that's dictated by the type of skb that is present in the receive > > queue, and not up to the application. I should explain this in the > > commit message... > > What would be the case of passing it or not passing it? Some fallback to > the host memory after flow steering update? Yeah, would be useful to > document those constrains. I'd lean on starting stricter and relaxing > those conditions if we find the use-cases. > MSG_SOCK_DEVMEM (or its replacement SOCK_DEVMEM or SO_SOCK_DEVMEM), just says that the application is able to receive devmem cmsgs and will parse them. The use case for not setting that flag is existing applications that are not aware of devmem cmsgs. I don't want those applications to think they're receiving data in the linear buffer only to find out that the data is in devmem and they ignored the devmem cmsg. So, what happens: - MSG_SOCK_DEVMEM provided and next skb in the queue is devmem: application receives cmsgs. - MSG_SOCK_DEVMEM provided and next skb in the queue is non-devmem: application receives in the linear buffer. - MSG_SOCK_DEVMEM not provided and net skb is devmem: application receives EFAULT. - MSG_SOCK_DEVMEM not provided and next skb is non-devmem: application receives in the linear buffer. My bad on not including some docs about this. The next version should have the commit message beefed up to explain all this, or a docs patch.
On 11/07, Mina Almasry wrote: > On Mon, Nov 6, 2023 at 5:06 PM Stanislav Fomichev <sdf@google.com> wrote: > [..] > > > > > And the socket has to know this association; otherwise those tokens > > > > > are useless since they don't carry anything to identify the dmabuf. > > > > > > > > > > I think my other issue with MSG_SOCK_DEVMEM being on recvmsg is that > > > > > it somehow implies that I have an option of passing or not passing it > > > > > for an individual system call. > > > > > > You do have the option of passing it or not passing it per system > > > call. The MSG_SOCK_DEVMEM says the application is willing to receive > > > devmem cmsgs - that's all. The application doesn't get to decide > > > whether it's actually going to receive a devmem cmsg or not, because > > > that's dictated by the type of skb that is present in the receive > > > queue, and not up to the application. I should explain this in the > > > commit message... > > > > What would be the case of passing it or not passing it? Some fallback to > > the host memory after flow steering update? Yeah, would be useful to > > document those constrains. I'd lean on starting stricter and relaxing > > those conditions if we find the use-cases. > > > > MSG_SOCK_DEVMEM (or its replacement SOCK_DEVMEM or SO_SOCK_DEVMEM), > just says that the application is able to receive devmem cmsgs and > will parse them. The use case for not setting that flag is existing > applications that are not aware of devmem cmsgs. I don't want those > applications to think they're receiving data in the linear buffer only > to find out that the data is in devmem and they ignored the devmem > cmsg. > > So, what happens: > > - MSG_SOCK_DEVMEM provided and next skb in the queue is devmem: > application receives cmsgs. > - MSG_SOCK_DEVMEM provided and next skb in the queue is non-devmem: > application receives in the linear buffer. > - MSG_SOCK_DEVMEM not provided and net skb is devmem: application > receives EFAULT. > - MSG_SOCK_DEVMEM not provided and next skb is non-devmem: application > receives in the linear buffer. > > My bad on not including some docs about this. The next version should > have the commit message beefed up to explain all this, or a docs > patch. I don't understand. We require an elaborate setup to receive devmem cmsgs, why would some random application receive those?
On Tue, Nov 7, 2023 at 10:05 PM Stanislav Fomichev <sdf@google.com> wrote: > > I don't understand. We require an elaborate setup to receive devmem cmsgs, > why would some random application receive those? A TCP socket can receive 'valid TCP packets' from many different sources, especially with BPF hooks... Think of a bonding setup, packets being mirrored by some switches or even from tc. Better double check than be sorry. We have not added a 5th component in the 4-tuple lookups, being "is this socket a devmem one". A mix of regular/devmem skb is supported.
On 11/07, Eric Dumazet wrote: > On Tue, Nov 7, 2023 at 10:05 PM Stanislav Fomichev <sdf@google.com> wrote: > > > > > I don't understand. We require an elaborate setup to receive devmem cmsgs, > > why would some random application receive those? > > > A TCP socket can receive 'valid TCP packets' from many different sources, > especially with BPF hooks... > > Think of a bonding setup, packets being mirrored by some switches or > even from tc. > > Better double check than be sorry. > > We have not added a 5th component in the 4-tuple lookups, being "is > this socket a devmem one". > > A mix of regular/devmem skb is supported. Can we mark a socket as devmem-only? Do we have any use-case for those hybrid setups? Or, let me put it that way: do we expect API callers to handle both linear and non-linear cases correctly? As a consumer of the previous versions of these apis internally, I find all those corner cases confusing :-( Hence trying to understand whether we can make it a bit more rigid and properly defined upstream. But going back to that MSG_SOCK_DEVMEM flag. If the application is supposed to handle both linear and devmem chucks, why do we need this extra MSG_SOCK_DEVMEM opt-in to signal that it's able to process it? From Mina's reply, it seemed like MSG_SOCK_DEVMEM is there to protect random applications that get misrouted devmem skb. I don't see how returning EFAULT helps in that case.
From: Mina Almasry > Sent: 06 November 2023 02:44 > > For device memory TCP, we expect the skb headers to be available in host > memory for access, and we expect the skb frags to be in device memory > and unaccessible to the host. We expect there to be no mixing and > matching of device memory frags (unaccessible) with host memory frags > (accessible) in the same skb. > > Add a skb->devmem flag which indicates whether the frags in this skb > are device memory frags or not. > ... > diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > index 1fae276c1353..8fb468ff8115 100644 > --- a/include/linux/skbuff.h > +++ b/include/linux/skbuff.h > @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; > * @csum_level: indicates the number of consecutive checksums found in > * the packet minus one that have been verified as > * CHECKSUM_UNNECESSARY (max 3) > + * @devmem: indicates that all the fragments in this skb are backed by > + * device memory. > * @dst_pending_confirm: need to confirm neighbour > * @decrypted: Decrypted SKB > * @slow_gro: state present at GRO time, slower prepare step required > @@ -991,7 +993,7 @@ struct sk_buff { > #if IS_ENABLED(CONFIG_IP_SCTP) > __u8 csum_not_inet:1; > #endif > - > + __u8 devmem:1; > #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) > __u16 tc_index; /* traffic control index */ > #endif > @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) > __skb_zcopy_downgrade_managed(skb); > } Doesn't that bloat struct sk_buff? I'm not sure there are any spare bits available. Although CONFIG_NET_SWITCHDEV and CONFIG_NET_SCHED seem to already add padding. David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
On Tue, 7 Nov 2023 14:23:20 -0800 Stanislav Fomichev wrote: > Can we mark a socket as devmem-only? Do we have any use-case for those > hybrid setups? Or, let me put it that way: do we expect API callers > to handle both linear and non-linear cases correctly? > As a consumer of the previous versions of these apis internally, > I find all those corner cases confusing :-( Hence trying to understand > whether we can make it a bit more rigid and properly defined upstream. FWIW I'd also prefer to allow mixing. "Some NICs" can decide HDS very flexibly, incl. landing full jumbo frames into the "headers". There's no sender API today to signal how to mark the data for selective landing, but if Mina already has the rx side written to allow that...
On Tue, 7 Nov 2023 11:53:22 -0800 Mina Almasry wrote: > My bad on not including some docs about this. The next version should > have the commit message beefed up to explain all this, or a docs > patch. Yes, please. Would be great to have the user facing interface well explained under Documentation/
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 1fae276c1353..8fb468ff8115 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -805,6 +805,8 @@ typedef unsigned char *sk_buff_data_t; * @csum_level: indicates the number of consecutive checksums found in * the packet minus one that have been verified as * CHECKSUM_UNNECESSARY (max 3) + * @devmem: indicates that all the fragments in this skb are backed by + * device memory. * @dst_pending_confirm: need to confirm neighbour * @decrypted: Decrypted SKB * @slow_gro: state present at GRO time, slower prepare step required @@ -991,7 +993,7 @@ struct sk_buff { #if IS_ENABLED(CONFIG_IP_SCTP) __u8 csum_not_inet:1; #endif - + __u8 devmem:1; #if defined(CONFIG_NET_SCHED) || defined(CONFIG_NET_XGRESS) __u16 tc_index; /* traffic control index */ #endif @@ -1766,6 +1768,12 @@ static inline void skb_zcopy_downgrade_managed(struct sk_buff *skb) __skb_zcopy_downgrade_managed(skb); } +/* Return true if frags in this skb are not readable by the host. */ +static inline bool skb_frags_not_readable(const struct sk_buff *skb) +{ + return skb->devmem; +} + static inline void skb_mark_not_on_list(struct sk_buff *skb) { skb->next = NULL; @@ -2468,6 +2476,10 @@ static inline void __skb_fill_page_desc(struct sk_buff *skb, int i, struct page *page, int off, int size) { __skb_fill_page_desc_noacc(skb_shinfo(skb), i, page, off, size); + if (page_is_page_pool_iov(page)) { + skb->devmem = true; + return; + } /* Propagate page pfmemalloc to the skb if we can. The problem is * that not all callers have unique ownership of the page but rely diff --git a/include/net/tcp.h b/include/net/tcp.h index 39b731c900dd..1ae62d1e284b 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -1012,7 +1012,7 @@ static inline int tcp_skb_mss(const struct sk_buff *skb) static inline bool tcp_skb_can_collapse_to(const struct sk_buff *skb) { - return likely(!TCP_SKB_CB(skb)->eor); + return likely(!TCP_SKB_CB(skb)->eor && !skb_frags_not_readable(skb)); } static inline bool tcp_skb_can_collapse(const struct sk_buff *to, @@ -1020,7 +1020,8 @@ static inline bool tcp_skb_can_collapse(const struct sk_buff *to, { return likely(tcp_skb_can_collapse_to(to) && mptcp_skb_can_collapse(to, from) && - skb_pure_zcopy_same(to, from)); + skb_pure_zcopy_same(to, from) && + skb_frags_not_readable(to) == skb_frags_not_readable(from)); } /* Events passed to congestion control interface */ diff --git a/net/core/datagram.c b/net/core/datagram.c index 176eb5834746..cdd4fb129968 100644 --- a/net/core/datagram.c +++ b/net/core/datagram.c @@ -425,6 +425,9 @@ static int __skb_datagram_iter(const struct sk_buff *skb, int offset, return 0; } + if (skb_frags_not_readable(skb)) + goto short_copy; + /* Copy paged appendix. Hmm... why does this look so complicated? */ for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { int end; @@ -616,6 +619,9 @@ int __zerocopy_sg_from_iter(struct msghdr *msg, struct sock *sk, { int frag; + if (skb_frags_not_readable(skb)) + return -EFAULT; + if (msg && msg->msg_ubuf && msg->sg_from_iter) return msg->sg_from_iter(sk, skb, from, length); diff --git a/net/core/gro.c b/net/core/gro.c index 42d7f6755f32..56046d65386a 100644 --- a/net/core/gro.c +++ b/net/core/gro.c @@ -390,6 +390,9 @@ static void gro_pull_from_frag0(struct sk_buff *skb, int grow) { struct skb_shared_info *pinfo = skb_shinfo(skb); + if (WARN_ON_ONCE(skb_frags_not_readable(skb))) + return; + BUG_ON(skb->end - skb->tail < grow); memcpy(skb_tail_pointer(skb), NAPI_GRO_CB(skb)->frag0, grow); @@ -411,7 +414,7 @@ static void gro_try_pull_from_frag0(struct sk_buff *skb) { int grow = skb_gro_offset(skb) - skb_headlen(skb); - if (grow > 0) + if (grow > 0 && !skb_frags_not_readable(skb)) gro_pull_from_frag0(skb, grow); } diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 13eca4fd25e1..f01673ed2eff 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -1230,6 +1230,14 @@ void skb_dump(const char *level, const struct sk_buff *skb, bool full_pkt) struct page *p; u8 *vaddr; + if (skb_frag_is_page_pool_iov(frag)) { + printk("%sskb frag %d: not readable\n", level, i); + len -= frag->bv_len; + if (!len) + break; + continue; + } + skb_frag_foreach_page(frag, skb_frag_off(frag), skb_frag_size(frag), p, p_off, p_len, copied) { @@ -1807,6 +1815,9 @@ int skb_copy_ubufs(struct sk_buff *skb, gfp_t gfp_mask) if (skb_shared(skb) || skb_unclone(skb, gfp_mask)) return -EINVAL; + if (skb_frags_not_readable(skb)) + return -EFAULT; + if (!num_frags) goto release; @@ -1977,8 +1988,12 @@ struct sk_buff *skb_copy(const struct sk_buff *skb, gfp_t gfp_mask) { int headerlen = skb_headroom(skb); unsigned int size = skb_end_offset(skb) + skb->data_len; - struct sk_buff *n = __alloc_skb(size, gfp_mask, - skb_alloc_rx_flag(skb), NUMA_NO_NODE); + struct sk_buff *n; + + if (skb_frags_not_readable(skb)) + return NULL; + + n = __alloc_skb(size, gfp_mask, skb_alloc_rx_flag(skb), NUMA_NO_NODE); if (!n) return NULL; @@ -2304,14 +2319,16 @@ struct sk_buff *skb_copy_expand(const struct sk_buff *skb, int newheadroom, int newtailroom, gfp_t gfp_mask) { - /* - * Allocate the copy buffer - */ - struct sk_buff *n = __alloc_skb(newheadroom + skb->len + newtailroom, - gfp_mask, skb_alloc_rx_flag(skb), - NUMA_NO_NODE); int oldheadroom = skb_headroom(skb); int head_copy_len, head_copy_off; + struct sk_buff *n; + + if (skb_frags_not_readable(skb)) + return NULL; + + /* Allocate the copy buffer */ + n = __alloc_skb(newheadroom + skb->len + newtailroom, gfp_mask, + skb_alloc_rx_flag(skb), NUMA_NO_NODE); if (!n) return NULL; @@ -2650,6 +2667,9 @@ void *__pskb_pull_tail(struct sk_buff *skb, int delta) */ int i, k, eat = (skb->tail + delta) - skb->end; + if (skb_frags_not_readable(skb)) + return NULL; + if (eat > 0 || skb_cloned(skb)) { if (pskb_expand_head(skb, 0, eat > 0 ? eat + 128 : 0, GFP_ATOMIC)) @@ -2803,6 +2823,9 @@ int skb_copy_bits(const struct sk_buff *skb, int offset, void *to, int len) to += copy; } + if (skb_frags_not_readable(skb)) + goto fault; + for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { int end; skb_frag_t *f = &skb_shinfo(skb)->frags[i]; @@ -2991,6 +3014,9 @@ static bool __skb_splice_bits(struct sk_buff *skb, struct pipe_inode_info *pipe, /* * then map the fragments */ + if (skb_frags_not_readable(skb)) + return false; + for (seg = 0; seg < skb_shinfo(skb)->nr_frags; seg++) { const skb_frag_t *f = &skb_shinfo(skb)->frags[seg]; @@ -3214,6 +3240,9 @@ int skb_store_bits(struct sk_buff *skb, int offset, const void *from, int len) from += copy; } + if (skb_frags_not_readable(skb)) + goto fault; + for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { skb_frag_t *frag = &skb_shinfo(skb)->frags[i]; int end; @@ -3293,6 +3322,9 @@ __wsum __skb_checksum(const struct sk_buff *skb, int offset, int len, pos = copy; } + if (skb_frags_not_readable(skb)) + return 0; + for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { int end; skb_frag_t *frag = &skb_shinfo(skb)->frags[i]; @@ -3393,6 +3425,9 @@ __wsum skb_copy_and_csum_bits(const struct sk_buff *skb, int offset, pos = copy; } + if (skb_frags_not_readable(skb)) + return 0; + for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { int end; @@ -3883,7 +3918,9 @@ static inline void skb_split_inside_header(struct sk_buff *skb, skb_shinfo(skb1)->frags[i] = skb_shinfo(skb)->frags[i]; skb_shinfo(skb1)->nr_frags = skb_shinfo(skb)->nr_frags; + skb1->devmem = skb->devmem; skb_shinfo(skb)->nr_frags = 0; + skb->devmem = 0; skb1->data_len = skb->data_len; skb1->len += skb1->data_len; skb->data_len = 0; @@ -3897,6 +3934,7 @@ static inline void skb_split_no_header(struct sk_buff *skb, { int i, k = 0; const int nfrags = skb_shinfo(skb)->nr_frags; + const int devmem = skb->devmem; skb_shinfo(skb)->nr_frags = 0; skb1->len = skb1->data_len = skb->len - len; @@ -3930,6 +3968,16 @@ static inline void skb_split_no_header(struct sk_buff *skb, pos += size; } skb_shinfo(skb1)->nr_frags = k; + + if (skb_shinfo(skb)->nr_frags) + skb->devmem = devmem; + else + skb->devmem = 0; + + if (skb_shinfo(skb1)->nr_frags) + skb1->devmem = devmem; + else + skb1->devmem = 0; } /** @@ -4165,6 +4213,9 @@ unsigned int skb_seq_read(unsigned int consumed, const u8 **data, return block_limit - abs_offset; } + if (skb_frags_not_readable(st->cur_skb)) + return 0; + if (st->frag_idx == 0 && !st->frag_data) st->stepped_offset += skb_headlen(st->cur_skb); @@ -5779,7 +5830,10 @@ bool skb_try_coalesce(struct sk_buff *to, struct sk_buff *from, (from->pp_recycle && skb_cloned(from))) return false; - if (len <= skb_tailroom(to)) { + if (skb_frags_not_readable(from) != skb_frags_not_readable(to)) + return false; + + if (len <= skb_tailroom(to) && !skb_frags_not_readable(from)) { if (len) BUG_ON(skb_copy_bits(from, 0, skb_put(to, len), len)); *delta_truesize = 0; @@ -5954,6 +6008,9 @@ int skb_ensure_writable(struct sk_buff *skb, unsigned int write_len) if (!pskb_may_pull(skb, write_len)) return -ENOMEM; + if (skb_frags_not_readable(skb)) + return -EFAULT; + if (!skb_cloned(skb) || skb_clone_writable(skb, write_len)) return 0; @@ -6608,7 +6665,7 @@ void skb_condense(struct sk_buff *skb) { if (skb->data_len) { if (skb->data_len > skb->end - skb->tail || - skb_cloned(skb)) + skb_cloned(skb) || skb_frags_not_readable(skb)) return; /* Nice, we can free page frag(s) right now */ diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index 23b29dc49271..5c6fed52ed0e 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -2138,6 +2138,9 @@ static int tcp_zerocopy_receive(struct sock *sk, skb = tcp_recv_skb(sk, seq, &offset); } + if (skb_frags_not_readable(skb)) + break; + if (TCP_SKB_CB(skb)->has_rxtstamp) { tcp_update_recv_tstamps(skb, tss); zc->msg_flags |= TCP_CMSG_TS; @@ -4411,6 +4414,9 @@ int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *hp, if (crypto_ahash_update(req)) return 1; + if (skb_frags_not_readable(skb)) + return 1; + for (i = 0; i < shi->nr_frags; ++i) { const skb_frag_t *f = &shi->frags[i]; unsigned int offset = skb_frag_off(f); diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 18b858597af4..64643dad5e1a 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -5264,6 +5264,9 @@ tcp_collapse(struct sock *sk, struct sk_buff_head *list, struct rb_root *root, for (end_of_skbs = true; skb != NULL && skb != tail; skb = n) { n = tcp_skb_next(skb, list); + if (skb_frags_not_readable(skb)) + goto skip_this; + /* No new bits? It is possible on ofo queue. */ if (!before(start, TCP_SKB_CB(skb)->end_seq)) { skb = tcp_collapse_one(sk, skb, list, root); @@ -5284,17 +5287,20 @@ tcp_collapse(struct sock *sk, struct sk_buff_head *list, struct rb_root *root, break; } - if (n && n != tail && mptcp_skb_can_collapse(skb, n) && + if (n && n != tail && !skb_frags_not_readable(n) && + mptcp_skb_can_collapse(skb, n) && TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(n)->seq) { end_of_skbs = false; break; } +skip_this: /* Decided to skip this, advance start seq. */ start = TCP_SKB_CB(skb)->end_seq; } if (end_of_skbs || - (TCP_SKB_CB(skb)->tcp_flags & (TCPHDR_SYN | TCPHDR_FIN))) + (TCP_SKB_CB(skb)->tcp_flags & (TCPHDR_SYN | TCPHDR_FIN)) || + skb_frags_not_readable(skb)) return; __skb_queue_head_init(&tmp); @@ -5338,7 +5344,8 @@ tcp_collapse(struct sock *sk, struct sk_buff_head *list, struct rb_root *root, if (!skb || skb == tail || !mptcp_skb_can_collapse(nskb, skb) || - (TCP_SKB_CB(skb)->tcp_flags & (TCPHDR_SYN | TCPHDR_FIN))) + (TCP_SKB_CB(skb)->tcp_flags & (TCPHDR_SYN | TCPHDR_FIN)) || + skb_frags_not_readable(skb)) goto end; #ifdef CONFIG_TLS_DEVICE if (skb->decrypted != nskb->decrypted) diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index 2866ccbccde0..60df27f6c649 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -2309,7 +2309,8 @@ static bool tcp_can_coalesce_send_queue_head(struct sock *sk, int len) if (unlikely(TCP_SKB_CB(skb)->eor) || tcp_has_tx_tstamp(skb) || - !skb_pure_zcopy_same(skb, next)) + !skb_pure_zcopy_same(skb, next) || + skb_frags_not_readable(skb) != skb_frags_not_readable(next)) return false; len -= skb->len; @@ -3193,6 +3194,8 @@ static bool tcp_can_collapse(const struct sock *sk, const struct sk_buff *skb) return false; if (skb_cloned(skb)) return false; + if (skb_frags_not_readable(skb)) + return false; /* Some heuristics for collapsing over SACK'd could be invented */ if (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_ACKED) return false; diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c index a84e00b5904b..8f6cca683939 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c @@ -2156,7 +2156,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, } } - snaplen = skb->len; + snaplen = skb_frags_not_readable(skb) ? skb_headlen(skb) : skb->len; res = run_filter(skb, sk, snaplen); if (!res) @@ -2279,7 +2279,7 @@ static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev, } } - snaplen = skb->len; + snaplen = skb_frags_not_readable(skb) ? skb_headlen(skb) : skb->len; res = run_filter(skb, sk, snaplen); if (!res)