Re: [PATCH V4 net 2/3] tuntap: disable preemption during XDP processing

[Jason Wang]

On 2018å02æ26æ 19:02, Jesper Dangaard Brouer wrote:
> On Sat, 24 Feb 2018 11:32:25 +0800
> Jason Wang <jasowang@xxxxxxxxxx> wrote:
>
> > Except for tuntap, all other drivers' XDP was implemented at NAPI
> > poll() routine in a bh. This guarantees all XDP operation were done at
> > the same CPU which is required by e.g BFP_MAP_TYPE_PERCPU_ARRAY. But
> There is a typo in the defined name "BFP_MAP_TYPE_PERCPU_ARRAY".
> Besides it is NOT a requirement that comes from the map type
> BPF_MAP_TYPE_PERCPU_ARRAY.

But it looks to me that bpf_array uses percpu structure, e.g in 
percpu_array_map_lookup_elem() it tries to access it through this_cpu_ptr().

> The requirement comes from the bpf_redirect_map helper (and only partly
> devmap + cpumap types), as the BPF helper/program stores information in
> the per-cpu redirect_info struct (see filter.c), that is used by
> xdp_do_redirect() and xdp_do_flush_map().
>
>   struct redirect_info {
> 	u32 ifindex;
> 	u32 flags;
> 	struct bpf_map *map;
> 	struct bpf_map *map_to_flush;
> 	unsigned long   map_owner;
>   };
>   static DEFINE_PER_CPU(struct redirect_info, redirect_info);
>
>   [...]
>   void xdp_do_flush_map(void)
>   {
> 	struct redirect_info *ri = this_cpu_ptr(&redirect_info);
> 	struct bpf_map *map = ri->map_to_flush;
>   [...]
>
> Notice the same redirect_info is used by the TC clsbpf system...
>
>
> > for tuntap, we do it in process context and we try to protect XDP
> > processing by RCU reader lock. This is insufficient since
> > CONFIG_PREEMPT_RCU can preempt the RCU reader critical section which
> > breaks the assumption that all XDP were processed in the same CPU.
> >
> > Fixing this by simply disabling preemption during XDP processing.
> I guess, this could pamper over the problem...
>
> But I generally find it problematic that the tuntap is not invoking XDP
> from NAPI poll() routine in BH-context, as that context provided us
> with some protection that allow certain kind of optimizations (like
> this flush API).  I hope this will not limit us in the future, that
> tuntap driver violate the XDP call context.

Good to see tuntap is on the radar :), it was easily forgotten. I was 
glad to test anything new in XDP for tuntap. But I do not see any thing 
that prevents us from having a similar environment that NAPI poll() can 
provides. I admit the flush is inefficient now, but it does not mean we 
can't solve it in the future. E.g for the flush, I plan to introduce the 
batching API which can accept an array of skb/XDP pointers in its 
sendmsg(). Then we can do a more efficient flush.

Note, tuntap supports NAPI (IFF_NAPI), but the main use case is kernel 
rx path hardening. Unless rx batching is enabled, it would be slower 
than non NAPI mode. Technically, it can support XDP but need more work 
(e.g work at the level of XDP buffer instead of skb).

I tend to do fixes or optimizations on the current code unless we find a 
real blocker.

> > Fixes: 761876c857cb ("tap: XDP support")
> $ git describe --contains 761876c857cb
> v4.14-rc1~130^2~270^2

So please let me know if you're ok with the fix.

Thanks