Re: Legacy Linux kernel support

[Guy Harris via tcpdump-workers <tcpdump-workers () lists tcpdump org>]

> --- Begin Message ---
>
>
> From: Guy Harris <gharris () sonic net>
>
> Date: Wed, 1 Apr 2020 20:48:54 -0700
>
> On Apr 1, 2020, at 4:14 PM, Mario Rugiero via tcpdump-workers <tcpdump-workers () lists tcpdump org> wrote:
>
> > I haven't yet been able to test it, which is why I've been delaying
> > writing about this,
> > but these two commits[0][1], which according to these threads[2][3]
> > are the ones fixing
> > the timeout issue, have been applied to CentOS 7 default kernel,
> > 3.10.0-1062.el7.
>
> So this is about the mmapped PF_PACKET bug where it delivers an empty buffer when it times out, and does *not* wake up 
> the reader when a buffer is delivered, causing empty buffers to pile up unread, and forcing libpcap to periodically 
> poll the mmapped ring buffer to see if anything was delivered without notification?
>
> If so, then this:
>
>         https://github.com/torvalds/linux/commit/da413eec729dae5dcb150e2eb34c5e7e5e4e1b49
>
> i.e. [0] fixes it, by doing wakeups when a buffer is *delivered* (rather than when a packet is *added* to the buffer, 
> which is pointless) and this:
>
>         https://github.com/torvalds/linux/commit/41a50d621a321b4c15273cc1b5ed41437f4acdfb
>
> i.e. [1] arranges that empty buffers aren't delivered when a timeout occurs.
>
> has_broken_tpacket_v3() is checking whether the kernel has that fix or not, based on the kernel version number; to 
> quote the comment in front of it:
>
>  * Some versions of TPACKET_V3 have annoying bugs/misfeatures
>  * around which we have to work.  Determine if we have those
>  * problems or not.
>  * 3.19 is the first release with a fixed version of
>  * TPACKET_V3.  We treat anything before that as
>  * not having a fixed version; that may really mean
>  * it has *no* version.
>
> so it checks for versions prior to 3.19.
>
> That routine is used in set_poll_timeout(); if it returns "true" (a non-zero value), meaning TPACKET_V3 has the bug, 
> the poll() done to wait for packets to arrive is given a non-zero timeout, so that the socket is checked for packets 
> even if no wakeup is delivered by the socket, to drain the empty buffers.
>
> > It can also be seen by comparing vanilla 3.10[4] with the CentOS
> > sources[5], diffing
> > the files located at net/packet/af_packet.c.
> > This *should* mean it works without the workaround.
>
> It should work without the workaround...
>
> ...on systems with the fix.
>
> *NOT* all versions of the Linux kernel with TPACKET_V3 necessarily have the fix.  Version 3.19 and later have the fix; 
> earlier versions have it *only* if whoever built the kernel (e.g., the distribution developer) backported the fix.
>
> So we can't assume the workaround is unnecessary, and remove it, unless we either 1) require a 3.19 or later kernel if 
> we're going to use TPACKET_V3 or 2) *somehow* can detect kernels to which the fix was backported.
>
> --- End Message ---
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers