jason_eggnet.com (Jason Eggleston)
User

Projects

User Details

User Since
Sep 8 2015, 10:30 PM (123 w, 2 d)

Recent Activity

Dec 7 2017

jason_eggnet.com updated the diff for D12586: improve inp locking in getsockopt, setsockopt, and related functions.

Fix memory leak in ip_ctloutput; add documentation to pcbctl function.

Dec 7 2017, 8:50 PM
jason_eggnet.com updated the diff for D12586: improve inp locking in getsockopt, setsockopt, and related functions.

Missed INP_WUNLOCK() in ipv6 setsockopt() processing

Dec 7 2017, 8:21 PM

Oct 27 2017

jason_eggnet.com updated the diff for D12586: improve inp locking in getsockopt, setsockopt, and related functions.

remove in_pcbref in ctl functions

Oct 27 2017, 2:20 AM

Oct 26 2017

jason_eggnet.com added a comment to D12586: improve inp locking in getsockopt, setsockopt, and related functions.

It looks like a socket is guaranteed to have a single defined inp that is valid (specifically, not free'd) from the time socket or accept is called all the way to the time that close is called.

Oct 26 2017, 10:37 PM
jason_eggnet.com updated the diff for D12586: improve inp locking in getsockopt, setsockopt, and related functions.

allow for inp / in6p being null in certain cases within ip_ctl functions

Oct 26 2017, 4:08 AM
jason_eggnet.com added a comment to D12586: improve inp locking in getsockopt, setsockopt, and related functions.

It looks like there might be cases in ip_ctloutput, ip6_ctloutput, rip_ctloutput, and ip6_raw_ctloutput where the inp/in6p being null is ok.

Oct 26 2017, 3:27 AM
jason_eggnet.com updated the diff for D12586: improve inp locking in getsockopt, setsockopt, and related functions.

update outstanding issues

Oct 26 2017, 3:00 AM

Oct 13 2017

jason_eggnet.com added inline comments to D12586: improve inp locking in getsockopt, setsockopt, and related functions.
Oct 13 2017, 4:00 AM

Oct 10 2017

jason_eggnet.com abandoned D12583: check so_error earlier in sosend_generic.

Sounds good, I'll abandon this.

Oct 10 2017, 10:09 PM
jason_eggnet.com added a comment to D12633: match sendfile() error handling to send().

No problem, thanks :)

Oct 10 2017, 10:04 PM
jason_eggnet.com added a comment to D12633: match sendfile() error handling to send().

Ok, Sean just reverted the previous patch, and this patch is based on the new HEAD.

Oct 10 2017, 12:58 AM
jason_eggnet.com updated the diff for D12633: match sendfile() error handling to send().

rebase patch to new HEAD

Oct 10 2017, 12:57 AM
jason_eggnet.com added a comment to D12583: check so_error earlier in sosend_generic.

We'll probably be abandoning this review in favor of keeping the current behavior and ensuring sendfile behaves the same as send and write.

Oct 10 2017, 12:08 AM
jason_eggnet.com created D12633: match sendfile() error handling to send().
Oct 10 2017, 12:07 AM

Oct 9 2017

jason_eggnet.com added a comment to D12583: check so_error earlier in sosend_generic.

Gleb wants us to hold off on this for the moment, with the first step of making sendfile() work like current send() / write() paths.

Oct 9 2017, 11:39 PM
jason_eggnet.com added a reviewer for D12583: check so_error earlier in sosend_generic: glebius.
Oct 9 2017, 11:38 PM

Oct 5 2017

jason_eggnet.com retitled D12586: improve inp locking in getsockopt, setsockopt, and related functions from ensure inp is locked during setsockopt and getsockopt to improve inp locking in getsockopt, setsockopt, and related functions.
Oct 5 2017, 10:43 PM
jason_eggnet.com updated the diff for D12586: improve inp locking in getsockopt, setsockopt, and related functions.
  • Consistently handle locking in tcp_ipsec_pcbctl(), as well as use rlocks for reads, and wlocks for writes.
Oct 5 2017, 10:33 PM

Oct 4 2017

jason_eggnet.com added a comment to D12586: improve inp locking in getsockopt, setsockopt, and related functions.
In D12586#261038, @ae wrote:

Probably you need to modify netipsec/ipsec_pcb.c too.

Oct 4 2017, 4:16 PM
jason_eggnet.com added a comment to D12586: improve inp locking in getsockopt, setsockopt, and related functions.

This issue was discovered by rare memory corruption when calling ip6_optlen(). The likely culprit was unlocked manipulation of in6p->in6p_outputopts.

Oct 4 2017, 4:09 AM
jason_eggnet.com updated the summary of D12586: improve inp locking in getsockopt, setsockopt, and related functions.
Oct 4 2017, 3:59 AM
jason_eggnet.com updated the diff for D12586: improve inp locking in getsockopt, setsockopt, and related functions.

rename OPTSET2292_REQUIRED to OPTSET2282_EXCLUSIVE

Oct 4 2017, 3:54 AM
jason_eggnet.com created D12586: improve inp locking in getsockopt, setsockopt, and related functions.
Oct 4 2017, 2:03 AM

Oct 3 2017

jason_eggnet.com added a comment to D12583: check so_error earlier in sosend_generic.

Before patch:

Oct 3 2017, 11:10 PM
jason_eggnet.com added a reviewer for D12583: check so_error earlier in sosend_generic: transport.
Oct 3 2017, 11:07 PM
jason_eggnet.com created D12583: check so_error earlier in sosend_generic.
Oct 3 2017, 11:07 PM
jason_eggnet.com added a reviewer for D12575: Check so_error early in sendfile() call: transport.
Oct 3 2017, 2:56 PM
jason_eggnet.com added a comment to D12575: Check so_error early in sendfile() call.

Using packetdrill with this https://github.com/nplab/packetdrill/pull/137

Oct 3 2017, 2:54 PM
jason_eggnet.com created D12575: Check so_error early in sendfile() call.
Oct 3 2017, 2:45 PM

Oct 2 2017

jason_eggnet.com abandoned D12501: count bytes in vn_sendfile when pru_send returns EAGAIN.

Abandoning this due to insufficient proof of a problem.

Oct 2 2017, 8:57 PM
jason_eggnet.com abandoned D12492: Ensure strict error handling of tcp_usr_send.

Abandoning this due to insufficient proof of a problem.

Oct 2 2017, 8:56 PM
jason_eggnet.com added a comment to D12492: Ensure strict error handling of tcp_usr_send.

Based on evaluating this more, feedback in https://reviews.freebsd.org/D12501, and some production analysis, I think the only potential exposure here is tcp_usr_send adding bytes to the socket with sbappendstream followed by tcp_connect returning EAGAIN.

Oct 2 2017, 8:01 PM
jason_eggnet.com added a comment to D12501: count bytes in vn_sendfile when pru_send returns EAGAIN.

We're running a modified patch of this in production where a counter is incremented, and we aren't seeing a counter increment.

Oct 2 2017, 7:44 PM

Sep 26 2017

jason_eggnet.com added a comment to D12501: count bytes in vn_sendfile when pru_send returns EAGAIN.

I think a reasonable question here is, why the gate on rem <= 0 for goto noerr;

Sep 26 2017, 7:00 PM
jason_eggnet.com updated the diff for D12501: count bytes in vn_sendfile when pru_send returns EAGAIN.
  • detect when EINTR and EAGAIN can be squelched in sendfile
Sep 26 2017, 6:12 PM
jason_eggnet.com added inline comments to D12501: count bytes in vn_sendfile when pru_send returns EAGAIN.
Sep 26 2017, 6:08 PM
jason_eggnet.com added a comment to D12501: count bytes in vn_sendfile when pru_send returns EAGAIN.
In D12501#259391, @jtl wrote:

OK, thanks! I agree this concept appears consistent with the current user-space send equivalent.

I'm not positive that pru_send is guaranteed to not return EINTR or ERESTART, so it might be worth considering them.

Also, in this particular context (TCP behavior), note that the EAGAIN about which you are concerned is probably not even possible, since it only occurs in the implicit connect case, which sendfile doesn't support.

Sep 26 2017, 5:44 PM
jason_eggnet.com added a comment to D12501: count bytes in vn_sendfile when pru_send returns EAGAIN.

Ok, let's dig in. pru_send, aka tcp_usr_send calls both tcp_connect in some cases, and tcp_output in most cases. Both calls are after sbappendstream() is called. tcp_connect has a pretty clear if rare path to EAGAIN via in_pcbbind and might be the source of the issues we are seeing.

Sep 26 2017, 3:48 PM
jason_eggnet.com added a comment to D12492: Ensure strict error handling of tcp_usr_send.

I've created another diff for the simpler approach. If that looks better, we can abandon the more extensive changes.

Sep 26 2017, 6:55 AM
jason_eggnet.com created D12501: count bytes in vn_sendfile when pru_send returns EAGAIN.
Sep 26 2017, 6:54 AM
jason_eggnet.com added a comment to D12492: Ensure strict error handling of tcp_usr_send.

The primary goal is to ensure that userspace and the kernel are in lock step as far as how many bytes were actually added to the socket, as long as sendfile returns no error or an error that is not fatal to the connection.

Sep 26 2017, 5:49 AM

Sep 25 2017

jason_eggnet.com added a comment to D12430: tcp: Don't "negotiate" MSS..

I'm not seeing where that was discussed but, sounds good to me.

Sep 25 2017, 6:23 PM
jason_eggnet.com added a comment to D12492: Ensure strict error handling of tcp_usr_send.
In D12492#258950, @jtl wrote:

Can you explain how these are different? Both functionally set error to so->so_error, and then set so->so_error to 0. If (so) is properly locked, it looks like these should be equivalent. If (so) is not properly locked, then the new formulation is not guaranteed to overcome this deficiency.

But, I could be missing something obvious... (It is one of "those days" today. :-) )

Sep 25 2017, 6:04 PM
jason_eggnet.com updated the diff for D12492: Ensure strict error handling of tcp_usr_send.

revert so_error change

Sep 25 2017, 5:50 PM
jason_eggnet.com updated the diff for D12492: Ensure strict error handling of tcp_usr_send.

fix so_error handling

Sep 25 2017, 5:26 PM
jason_eggnet.com removed a dependent revision for D12492: Ensure strict error handling of tcp_usr_send: D12493: improve so_error fetching in vn_sendfile.
Sep 25 2017, 5:15 PM
jason_eggnet.com removed a dependency for D12493: improve so_error fetching in vn_sendfile: D12492: Ensure strict error handling of tcp_usr_send.
Sep 25 2017, 5:15 PM
jason_eggnet.com updated the diff for D12492: Ensure strict error handling of tcp_usr_send.
Sep 25 2017, 5:06 PM
jason_eggnet.com abandoned D12493: improve so_error fetching in vn_sendfile.
Sep 25 2017, 5:00 PM
jason_eggnet.com added a dependency for D12493: improve so_error fetching in vn_sendfile: D12492: Ensure strict error handling of tcp_usr_send.
Sep 25 2017, 4:59 PM
jason_eggnet.com added a dependent revision for D12492: Ensure strict error handling of tcp_usr_send: D12493: improve so_error fetching in vn_sendfile.
Sep 25 2017, 4:59 PM
jason_eggnet.com created D12493: improve so_error fetching in vn_sendfile.
Sep 25 2017, 4:58 PM
jason_eggnet.com created D12492: Ensure strict error handling of tcp_usr_send.
Sep 25 2017, 4:06 PM
jason_eggnet.com added a comment to D12430: tcp: Don't "negotiate" MSS..

Ah, yes you are correct with regard to the PPPoE case.

Sep 25 2017, 3:05 PM
jason_eggnet.com added a comment to D12430: tcp: Don't "negotiate" MSS..

We can't revert this patch, for one extremely simple reason, and another more subtle reason.

Sep 25 2017, 2:17 PM

Apr 7 2017

jason_eggnet.com added a comment to D10272: Improve handling of syncookies.

Everyone fall back to syncookie under heavy load, if you reap syncache using callout.

Apr 7 2017, 2:18 AM

Apr 6 2017

jason_eggnet.com added a comment to D10272: Improve handling of syncookies.

Here's an idea from gnn that I agree with:

Apr 6 2017, 10:10 PM

Nov 17 2016

jason_eggnet.com added a comment to D8552: Ignore ACKs with tsecr 0 during 3whs in syncache code..

I think the problems with the current behavior are a bit larger than a RST. As far as we can tell, we send a RST, then delete the syncache entry, which allows the request packet (for http anyway) to create a session... because syncookies were in use.

Nov 17 2016, 11:08 PM

Oct 22 2015

jason_eggnet.com added a comment to D3971: Follow rfc6675 and maintain sacked bytes to calculate correct inflight/pipe calculation..

First, an explanation of the formula. This is the key equation, the missing assumption in my original email:

Oct 22 2015, 6:41 AM
jason_eggnet.com added a comment to D3971: Follow rfc6675 and maintain sacked bytes to calculate correct inflight/pipe calculation..

This formula:

Oct 22 2015, 12:49 AM