• Willem de Bruijn's avatar
    net-rps: fixes for rps flow limit · 5f121b9a
    Willem de Bruijn authored
    Caught by sparse:
    - __rcu: missing annotation to sd->flow_limit
    - __user: direct access in cpumask_scnprintf
    
    Also
    - add endline character when printing bitmap if room in buffer
    - avoid bucket overflow by reducing FLOW_LIMIT_HISTORY
    
    The last item warrants some explanation. The hashtable buckets are
    subject to overflow if FLOW_LIMIT_HISTORY is larger than or equal
    to bucket size, since all packets may end up in a single bucket. The
    current (rather arbitrary) history value of 256 happens to match the
    buffer size (u8).
    
    As a result, with a single flow, the first 128 packets are accepted
    (correct), the second 128 packets dropped (correct) and then the
    history[] array has filled, so that each subsequent new packet
    causes an increment in the bucket for new_flow plus a decrement
    for old_flow: a steady state.
    
    This is fine if packets are dropped, as the steady state goes away
    as soon as a mix of traffic reappears. But, because the 256th packet
    overflowed the bucket to 0: no packets are dropped.
    
    Instead of explicitly adding an overflow check, this patch changes
    FLOW_LIMIT_HISTORY to never be able to overflow a single bucket.
    Reported-by: default avatarFengguang Wu <fengguang.wu@intel.com>
    (first item)
    Signed-off-by: default avatarWillem de Bruijn <willemb@google.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    5f121b9a
sysctl_net_core.c 8.46 KB