DPDK patches and discussions
 help / color / mirror / Atom feed
From: Ferruh Yigit <ferruh.yigit@intel.com>
To: Stephen Hemminger <stephen@networkplumber.org>,
	Thomas Monjalon <thomas@monjalon.net>,
	David Marchand <david.marchand@redhat.com>
Cc: Elad Nachman <eladv6@gmail.com>, <dev@dpdk.org>,
	<stable@dpdk.org>, "Igor Ryzhov" <iryzhov@nfware.com>,
	Eric Christian <erclists@gmail.com>
Subject: Re: [PATCH] kni: restrict bifurcated device support
Date: Tue, 23 Nov 2021 09:54:01 +0000
Message-ID: <f7269e9c-8238-0e43-96ba-0b9f14bf4f58@intel.com> (raw)
In-Reply-To: <20211008190335.1fdc8f4a@hermes.local>

On 10/9/2021 3:03 AM, Stephen Hemminger wrote:
> On Sat,  9 Oct 2021 00:58:30 +0100
> Ferruh Yigit <ferruh.yigit@intel.com> wrote:
>> To enable bifurcated device support, rtnl_lock is released before calling
>> userspace callbacks and asynchronous requests are enabled.
>> But these changes caused more issues, like bug #809, #816. To reduce the
>> scope of the problems, the bifurcated device support related changes are
>> only enabled when it is requested explicitly with new 'enable_bifurcated'
>> module parameter.
>> And bifurcated device support is disabled by default.
>> So the bifurcated device related problems are isolated and they can be
>> fixed without impacting all use cases.
>> Bugzilla ID: 816
>> Fixes: 631217c76135 ("kni: fix kernel deadlock with bifurcated device")
>> Cc: stable@dpdk.org
>> Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
> Calling userspace with semaphore held is still risky and buggy.
> There is no guarantee that the userspace DPDK application will be well behaved.
> And if it is not, the spinning holding RTNL would break any other network management
> functions in the kernel.

Hi Stephen,

Because of what you described above, we tried the option that releases the RTNL
lock before userspace callback,
That caused a deadlock in the ifdown, and we add a workaround for it.

But now we are facing with two more issues because of the rtnl lock release,
- Bugzilla ID: 816, MAC set cause kernel deadlock
- Some requests are overwritten (because of the workaround we put for ifdown)

This patch just converts the default behavior to what it was previously.
Releasing rtnl lock still supported with the module param, but I think it
is not good idea to make it default while it is know that it is buggy.

@Thomas, @David,
Can it be possible to get this patch for -rc4? Since it has potential
to cause a deadlock in kernel as it is.

I can send a new version with documentation update.

> These are the kind of problems that make me think it there should be a
> big "DO NOT USE THIS" onto KNI. Maybe make it print a big nasty message
> (see kernel VFIO without IOMMU description) or mark kernel as tainted??
> See: https://fedoraproject.org/wiki/KernelStagingPolicy
> Something like:
> diff --git a/kernel/linux/kni/kni_net.c b/kernel/linux/kni/kni_net.c
> index 611719b5ee27..d47fc6133cbe 100644
> --- a/kernel/linux/kni/kni_net.c
> +++ b/kernel/linux/kni/kni_net.c
> @@ -838,6 +838,14 @@ kni_net_init(struct net_device *dev)
>   	dev->header_ops      = &kni_net_header_ops;
>   	dev->ethtool_ops     = &kni_net_ethtool_ops;
>   	dev->watchdog_timeo = WD_TIMEOUT;
> +
> +	/*
> +	 * KNI is unsafe since it requires calling userspace to do
> +	 * control operations. And the overall quality according to
> +	 * kernel standards is the same as devices in staging.
> +	 */
> +	netdev_warn(dev, "Adding kernel taint for KNI because it is not safe\n");

I am for discussing above separate from this patch, since this patch
restores the behavior that exist since KNI module exists.

  reply	other threads:[~2021-11-23  9:54 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-10-08 23:58 [dpdk-dev] " Ferruh Yigit
2021-10-09  2:03 ` Stephen Hemminger
2021-11-23  9:54   ` Ferruh Yigit [this message]
2021-11-23 16:22     ` Stephen Hemminger
2021-11-23 16:51       ` Ferruh Yigit
2021-11-23 19:10         ` Stephen Hemminger
2021-11-17 16:42 ` Igor Ryzhov
2021-11-23 16:46 ` [PATCH v2] " Ferruh Yigit
2021-11-24 13:51   ` Thomas Monjalon

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f7269e9c-8238-0e43-96ba-0b9f14bf4f58@intel.com \
    --to=ferruh.yigit@intel.com \
    --cc=david.marchand@redhat.com \
    --cc=dev@dpdk.org \
    --cc=eladv6@gmail.com \
    --cc=erclists@gmail.com \
    --cc=iryzhov@nfware.com \
    --cc=stable@dpdk.org \
    --cc=stephen@networkplumber.org \
    --cc=thomas@monjalon.net \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

DPDK patches and discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://inbox.dpdk.org/dev/0 dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 dev dev/ http://inbox.dpdk.org/dev \
	public-inbox-index dev

Example config snippet for mirrors.
Newsgroup available over NNTP:

AGPL code for this site: git clone https://public-inbox.org/public-inbox.git