lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 28 Aug 2008 20:57:02 +0200
From:	Eric Dumazet <dada1@...mosbay.com>
To:	Denys Fedoryshchenko <denys@...p.net.lb>
Cc:	Andi Kleen <andi@...stfloor.org>,
	Joe Malicki <jmalicki@...acarta.com>,
	David Miller <davem@...emloft.net>, johnpol@....mipt.ru,
	netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
	juhlenko@...mai.com, sammy@...my.net
Subject: Re: loaded router, excessive getnstimeofday in oprofile

Denys Fedoryshchenko a écrit :
> My small IMHO regarding SO_TIMESTAMP.
> 
> 1)Right now i have 400-500 Mbps passing router. If i will run 
> 5 "pings" ,simultaneous ,under _USER_ privileges(i know ping is suid), 
> instead of free 20% CPU time, i will have 1-2% free CPU time. Sure i know 
> ping is suid program, but it is has been "like this" since long time. By 
> security psychos it will be caled DoS.
> 

> 

So... if using ping on your machine has direct an noticeable effect on cpu load, problem is elsewhere
(if no ping is running, you dont have skb timestamping, but still getnstimeofday() is the top function in oprofile)

1) Do you have any netfilter rule using xt_time ?
   (This module also calls __net_timestamp(skb))

2) You maybe have a bad program that do something expensive relative to kernel time services.


bad_program()
{
while (1) {
    struct timeval t0,t1;
    gettimeofday(&tv0, NULL); // or whatever function that calls getnstimeofday()
    do_small_work();
    gettimeofday(&tv1, NULL); // or whatever function that calls getnstimeofday()
    add_stat_event(&tv1, &tv0);
}

> 2)Usefullness of this option. What is a difference if on almost idle machine 
> timestamp retrieved on higher level or lower level? 
> And why we need on highly loaded server so high precision timestamp (with 
> expensive timer), if in my case enabling any socket with SO_TIMESTAMP 
> creating delays more than 10ms(up to 100ms)?

Your setup is probably not common.
You want a PersonnalComputer class machine acts as a SuperCiscoDevice(TM),
while most PC machines dont use more than 10% of CPU power in average...

Many existing programs depend on current SO_TIMESTAMP.
We wont break them to solve a particular problem (yet to be demonstrated)

> 
> 3)Who is most users of SO_TIMESTAMP? iputils which is installed on almost 
> _ANY_ linux machine? busybox which is using same option? Many others 
> userspace multiplatform applications? Or banks? I dont take much in account 
> dhcpd, who is maybe abusing this option.
> 
> So there is few good solutions available (IMHO):
> 1)Introduce some SO_REALTIMESTAMP (anyway even SO_TIMESTAMP not defined in any 
> standard) for banks and ntp folks, who need them. And even give them timespec 
> instead timeval, so they will be even more happy with resolution.

kernel already provides nanosecond resolution :)
Check SO_TIMESTAMPNS and SCM_TIMESTAMPNS





--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ