lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <02fd8c825b9d77bfc6c7f6318cdddb85fb295ec6.camel@fedoraproject.org>
Date:   Tue, 16 Jan 2018 18:16:43 +0100
From:   Björn 'besser82' Esser 
        <besser82@...oraproject.org>
To:     David Miller <davem@...emloft.net>
Cc:     waltje@...lt.NL.Mugnet.ORG, flla@...d.uni-sb.de,
        A.Cox@...nsea.ac.uk, linux-kernel@...r.kernel.org,
        netdev@...r.kernel.org, trivial@...nel.org, labbott@...hat.com,
        zbyszek@...waw.pl, Stephan Mueller <smueller@...onox.de>,
        linux-crypto@...r.kernel.org
Subject: Re: [PATCH v2] net/core: Increase default optmem_max limit

With the new Linux Kernel Crypto API User Space Interface
and its underlying AF_ALG socket, the current default value
for `net.core.optmem_max` can be exhausted pretty quick when
using asynchronous IO; on 32 bit systems it is not even enough
for sending about 10 IOVECs at once to the socket interface.

To provide consumers of this new user space interface a well
sufficient and reasonable maximum ancillary buffer size per
socket by default, the limit is increased to four times of
the previous setting:

  * 32 bit systems:  from 10240 bytes to 40960 bytes
  * 64 bit systems:  from 20480 bytes to 81920 bytes

This allows for sending 32/64 (32/64 bit) parallel IOVECs at
once to the socket interface, which should be enough for use
in real world applications.

Signed-off-by: Björn Esser <besser82@...oraproject.org>
---
 net/core/sock.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/core/sock.c b/net/core/sock.c
index c0b5b2f17412..de00c571c933 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -316,7 +316,7 @@ __u32 sysctl_wmem_default __read_mostly = SK_WMEM_MAX;
 __u32 sysctl_rmem_default __read_mostly = SK_RMEM_MAX;
 
 /* Maximal space eaten by iovec or ancillary data plus some space */
-int sysctl_optmem_max __read_mostly = sizeof(unsigned long)*(2*UIO_MAXIOV+512);
+int sysctl_optmem_max __read_mostly = sizeof(unsigned long)*4*(2*UIO_MAXIOV+512);
 EXPORT_SYMBOL(sysctl_optmem_max);
 
 int sysctl_tstamp_allow_data __read_mostly = 1;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ