| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 03 Mar 2010 09:36:21 -0500 From: Vlad Yasevich <vladislav.yasevich@...com> To: "Zhu, Yi" <yi.zhu@...el.com> CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>, Sridhar Samudrala <sri@...ibm.com> Subject: Re: [PATCH V2 5/7] sctp: use limited socket backlog Zhu, Yi wrote: > Vlad Yasevich <vladislav.yasevich@...com> wrote: > >> I think this will result in a double-free of the skb, because sctp_chunk_free >> attempts to free the skb that's been assigned to the chunk. You can set the skb >> to NULL to get around that. > > Ah, I missed that. Thanks! > > <...> > >> You also leak the ref counts here since now it's possible to not add a packet to >> the backlog queue. That means you'll take refs, but never drop them because >> the receive routing will never run. > > Good catch. I'll fix it. > > BTW, does the current backlog limit (sysctl_rmem_default[1] << 1) enough for sctp? > I noticed the sysctl_sctp_rmem[1] is set to 373500 in my box. > sctp uses the same algorithm as TCP to figure out the memory values. I guess the issue with using the smaller value that it would be possible to queue more the socket receive buffer then to the backlog. Thus backlog would start dropping packets even though receive buffer would still accept them. -vlad > Thanks, > -yi > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists