| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Jan 2013 12:36:50 -0500 From: Yannick Koehler <yannick@...hler.name> To: Eric Dumazet <eric.dumazet@...il.com> Cc: Cong Wang <xiyou.wangcong@...il.com>, netdev@...r.kernel.org Subject: Re: Unix Socket buffer attribution Hi Eric, I am not sure to follow you. I am not changing how sockets works. I am actually making the af_unix socket works like others, by using the sndbuf/rcvbuf limits. The code I added was took from netlink.c and sock.c (sock_queue_err_skb). And actually, I am simply "adding" a limit check, not removing. The only thing this may do as a negative side effect is allow more buffer at the same time in the system, but the global number of buffer remains checked, as it was, if it was, since I am not changing how buffer gets allocated, just accounted. Please check my patch. 2013/1/23 Eric Dumazet <eric.dumazet@...il.com>: > On Wed, 2013-01-23 at 08:56 -0800, Eric Dumazet wrote: > >> You'll have to add proper limits (SO_RCVBUF), accounting the truesize of >> all accumulated messages. > > And if you claim being able to remove DOS attacks, you'll also have to > add global limits, at a very minimum. > > (a la /proc/sys/net/ipv4/tcp_mem or /proc/sys/net/ipv4/udp_mem) > > Its not an easy problem, unfortunately. > > > -- Yannick Koehler Courriel: yannick@...hler.name Blog: http://corbeillepensees.blogspot.com -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists