| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Jun 2007 11:04:40 +0200 From: Jens Axboe <jens.axboe@...cle.com> To: Evgeniy Polyakov <johnpol@....mipt.ru> Cc: David Miller <davem@...emloft.net>, netdev@...r.kernel.org Subject: Re: [PATCH][RFC] network splice receive On Fri, Jun 08 2007, Evgeniy Polyakov wrote: > On Fri, Jun 08, 2007 at 10:38:53AM +0200, Jens Axboe (jens.axboe@...cle.com) wrote: > > On Fri, Jun 08 2007, David Miller wrote: > > > From: Jens Axboe <jens.axboe@...cle.com> > > > Date: Fri, 8 Jun 2007 09:48:24 +0200 > > > > > > > Perhaps it's possible to solve this at a different level - can we hang > > > > on to the skb until the pipe buffer has been consumed, and prevent reuse > > > > that way? Then we don't have to care what backing the skb has, as long > > > > as it (and its data) isn't being reused until we drop the reference to > > > > it in sock_pipe_buf_release(). > > > > > > Depending upon whether the pipe buffer consumption is bounded of not, > > > this will jam up the TCP sender because the SKB data allocation is > > > charged against the socket send buffer allocation. > > > > Forgive my network ignorance, but is that a problem? Since you bring it > > up, I guess so :-) > > David means, that socket bufer allocation is limited, and delaying > freeing can end up with exhausint that limit. OK, so a delayed empty of the pipe could end up causing packet drops elsewhere due to allocation exhaustion? > > We can grow the pipe, should we have to. So instead of blocking waiting > > on reader consumption, we can extend the size of the pipe and keep > > going. > > I have a code, which roughly works (but I will test it some more), which > just introduces reference counters for slab pages, so that the would not > be actually freed via page reclaim, but only after reference counters > are dropped. That forced changes in mm/slab.c so likely it is > unacceptible solution, but it is interesting as is. Hmm, still seems like it's working around the problem. We essentially just need to ensure that the data doesn't get _reused_, not just freed. It doesn't help holding a reference to the page, if someone else just reuses it and fills it with other data before it has been consumed and released by the pipe buffer operations. That's why I thought the skb referencing was the better idea, then we don't have to care about the backing of the skb either. Provided that preventing the free of the skb before the pipe buffer has been consumed guarantees that the contents aren't reused. -- Jens Axboe - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists