lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 10 Jun 2011 16:10:36 +0200
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Elof Vrigborn <elof.vrigborn@...csson.com>
Cc:	Oliver Neukum <oliver@...kum.name>, netdev@...r.kernel.org
Subject: Re: [PATCH 1/1] cdc_ncm: Fix TCP Window Size issue by CDC NCM
 driver

Le vendredi 10 juin 2011 à 15:39 +0200, Elof Vrigborn a écrit :
> CDC NCM driver clones SKBs for received data and update SKB
> members of the clones according to received frames.
> 
> If SKB clone len member is updated but truesize member is not, it
> could cause check #2 of the tcp_grow_window function to increase
> the TCP window by the __tcp_grow_window function instead of the
> expected increment by 2*advmss. This could to a great extent
> limit the rcv_ssthres and by that the advertised TCP Window Size,
> and in the end the data rate of a TCP connection, as according to
> the TCP Sliding Window concept.
> 
> With this patch the truesize member of the SKB clones is updated
> in similarity to the len member and by this the expected incremental
> of the advertised TCP Window Size is seen and the TCP connection
> data rate will not be unnecessarily limited.
> 
> Signed-off-by: Elof Vrigborn <elof.vrigborn@...csson.com>
> ---
>  drivers/net/usb/cdc_ncm.c |    1 +
>  1 files changed, 1 insertions(+), 0 deletions(-)
> 
> diff --git a/drivers/net/usb/cdc_ncm.c b/drivers/net/usb/cdc_ncm.c
> index f33ca6a..09923cd 100644
> --- a/drivers/net/usb/cdc_ncm.c
> +++ b/drivers/net/usb/cdc_ncm.c
> @@ -1083,6 +1083,7 @@ static int cdc_ncm_rx_fixup(struct usbnet *dev, struct sk_buff *skb_in)
>  			if (!skb)
>  				goto error;
>  			skb->len = temp;
> +			skb->truesize = temp + sizeof(struct sk_buff);
>  			skb->data = ((u8 *)skb_in->data) + offset;
>  			skb_set_tail_pointer(skb, temp);
>  			usbnet_skb_return(dev, skb);

I find this patch dubious.

skb truesize is not meant to be skb->len + sizeof(struct sk_buff);

truesize is really accounting for the truesize of memory blocks, not the
used one.

Many drivers allocate a full 2Kbyte block, even if only 100 bytes are
used in it. If we want to reduce "truesize", then we perform a
"copybreak", to allocate a right sized skb. Some NICS do that for small
frames.

If you have TCP performance problems, this might be because of another
high level problem. This truesize underestimation is only hiding the
problem, but makes the whole machine more subject to OOM bugs.

Could you provide more information ?


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ