| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jul 2018 10:32:00 +1000
From: Jon Maxwell <jmaxwell37@...il.com>
To: davem@...emloft.net
Cc: edumazet@...gle.com, eric.dumazet@...il.com, ncardwell@...gle.com,
David.Laight@...lab.com, kuznet@....inr.ac.ru,
yoshfuji@...ux-ipv6.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, jmaxwell@...hat.com
Subject: [PATCH 0/3] tcp: improve setsockopt() TCP_USER_TIMEOUT accuracy
Based on:
https://patchwork.kernel.org/patch/10516195/
Every time the TCP retransmission timer fires. It checks to see if
there is a timeout before scheduling the next retransmit timer. The
retransmit interval between each retransmission increases
exponentially. The issue is that in order for the timeout to occur the
retransmit timer needs to fire again. If the user timeout check happens
after the 9th retransmit for example. It needs to wait for the 10th
retransmit timer to fire in order to evaluate whether a timeout has
occurred or not. If the interval is large enough then the timeout will
be inaccurate.
For example with a TCP_USER_TIMEOUT of 10 seconds without patch:
1st retransmit:
22:25:18.973488 IP host1.49310 > host2.search-agent: Flags [.]
Last retransmit:
22:25:26.205499 IP host1.49310 > host2.search-agent: Flags [.]
Timeout:
send: Connection timed out
Sun Jul 1 22:25:34 EDT 2018
We can see that last retransmit took ~7 seconds. Which pushed the total
timeout to ~15 seconds instead of the expected 10 seconds. This gets
more inaccurate the larger the TCP_USER_TIMEOUT value. As the interval
increases.
Add tcp_clamp_rto_to_user_timeout() to determine if the user rto has
expired. Or whether the rto interval needs to be recalculated. Use the
original interval if user rto is not set.
Test results with the patch is the expected 10 second timeout:
1st retransmit:
01:37:59.022555 IP host1.49310 > host2.search-agent: Flags [.]
Last retransmit:
01:38:06.486558 IP host1.49310 > host2.search-agent: Flags [.]
Timeout:
send: Connection timed out
Mon Jul 2 01:38:09 EDT 2018
Jon Maxwell (3):
tcp: convert icsk_user_timeout from jiffies to msecs
tcp: Add tcp_retransmit_time() helper routine
tcp: Add tcp_clamp_rto_to_user_timeout() helper to improve accuracy
net/ipv4/tcp.c | 4 ++--
net/ipv4/tcp_timer.c | 51 ++++++++++++++++++++++++++++++++++++++-------------
2 files changed, 40 insertions(+), 15 deletions(-)
--
2.13.6
Powered by blists - more mailing lists