lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 16 Nov 2012 10:51:24 -0800
From:	Julien Tinnes <jln@...gle.com>
To:	Eric Dumazet <eric.dumazet@...il.com>
Cc:	David Miller <davem@...emloft.net>, netdev@...r.kernel.org
Subject: Re: [PATCH] tcp: handle tcp_net_metrics_init() order-5 memory
 allocation failures

On Fri, Nov 16, 2012 at 7:31 AM, Eric Dumazet <eric.dumazet@...il.com> wrote:
> On Fri, 2012-11-16 at 01:39 -0500, David Miller wrote:
>> From: Eric Dumazet <eric.dumazet@...il.com>
>> Date: Thu, 15 Nov 2012 15:41:04 -0800
>>
>> > From: Eric Dumazet <edumazet@...gle.com>
>> >
>> > order-5 allocations can fail with current kernels, we should
>> > try to reduce allocation sizes to allow network namespace
>> > creation.
>> >
>> > Reported-by: Julien Tinnes <jln@...gle.com>
>> > Signed-off-by: Eric Dumazet <edumazet@...gle.com>
>>
>> Indeed, this has to be done better.
>>
>> But this kind of retry solution results in non-deterministic behavior.
>> Yes the tcp metrics cache is best effort, but it's size can influence
>> behavior in a substantial way depending upon the workload.
>>
>> I would suggest that we instead use different limits, ones which the
>> page allocator will satisfy for us always with GFP_KERNEL.
>>
>> 1) include linux/mmzone.h
>>
>> 2) Make the two limits based upon PAGE_ALLOC_COSTLY_ORDER.
>>
>> That is, make the larger table size PAGE_SIZE << PAGE_ALLOC_COSTLY_ORDER
>> and the smaller one PAGE_SIZE << (PAGE_ALLOC_COSTLY_ORDER - 1).
>
> Well, we dont really know what the size needs to be, and your proposal
> reduces the size by a 4 factor, even for the initial namespace.
>
> Julien report was about Chrome browser own netns, on a suspend/resume
> cycle (or something like that)

It happens when users start Chrome. Chrome will create one new network
NS (for the sandbox).

This has been used for a few years now, but we had our first report in
January of this year and we've been getting a few reports very
recently at a rate that is starting to worry me (crbug.com/110756).

Thanks a lot for helping with this!

Julien
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ