Hi Eric,

Thanks for the quick feedback.
See my inline answer.

Regards,
Hoang
-----Original Message-----
From: Eric Dumazet <eric.duma...@gmail.com> 
Sent: Tuesday, October 22, 2019 9:41 AM
To: Hoang Le <hoang.h...@dektech.com.au>; jon.ma...@ericsson.com; 
ma...@donjonn.com; tipc-discuss...@lists.sourceforge.net; netdev@vger.kernel.org
Subject: Re: [net-next] tipc: improve throughput between nodes in netns


On 10/21/19 7:20 PM, Hoang Le wrote:
>       n->net = net;
>       n->capabilities = capabilities;
> +     n->pnet = NULL;
> +     for_each_net_rcu(tmp) {
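
Review bot: The for_each_net_rcu(tmp) walk needs an RCU read-side critical section, and no rcu_read_lock()/rcu_read_unlock() pair is visible around it in the quoted lines. Either take the lock around the loop or add a comment naming the caller that already holds it. Since the loop visits every namespace on the host, a short comment stating that it runs only at node creation would also help.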

This does not scale well if, say, you have a thousand netns?
[Hoang] This check executes only once, at the setup step. So we get no problem with 
huge namespaces.

> +             tn_peer = net_generic(tmp, tipc_net_id);
> +             if (!tn_peer)
> +                     continue;
> +             /* Integrity checking whether node exists in namespace or not */
> +             if (tn_peer->net_id != tn->net_id)
> +                     continue;
> +             if (memcmp(peer_id, tn_peer->node_id, NODE_ID_LEN))
> +                     continue;
> +
> +             hash_chk = tn_peer->random;
> +             hash_chk ^= net_hash_mix(&init_net);
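
Review bot: The term net_hash_mix(&init_net) folded into hash_chk is loop-invariant: it is the same for every tmp visited, so it cannot help tell one candidate namespace from another. If it is meant to harden the comparison, note that XOR-ing fixed values together is not a keyed integrity check, and add a comment stating what hash_mixes is expected to contain and what a match is supposed to prove. If the term stays, compute it once before the loop.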

Why is the xor with net_hash_mix(&init_net) needed?
[Hoang] We're trying to eliminate a sniff at an injectable discovery message. 
Building hash-mixes as much as possible is to prevent fake discovery messages.

> +             hash_chk ^= net_hash_mix(tmp);
> +             if (hash_chk ^ hash_mixes)
> +                     continue;
> +             n->pnet = tmp;
> +             break;
> +     }
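
Review bot: n->pnet = tmp stores a struct net pointer that outlives the loop, and no reference is taken in the visible lines, so nothing here keeps the namespace alive while the node still points at it. Consider taking a reference with maybe_get_net(tmp) before the assignment, with a matching put_net() when the node is torn down, or document the lifetime rule that makes the bare pointer safe. As a style point, if (hash_chk ^ hash_mixes) reads more clearly as if (hash_chk != hash_mixes).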


How can we set n->pnet without increasing netns ->count?
Using check_net() later might trigger a use-after-free.

[Hoang] In this case, the peer node is down. I assume the tipc xmit function 
already bypassed these lines.
