lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1393534198.26794.35.camel@edumazet-glaptop2.roam.corp.google.com>
Date:	Thu, 27 Feb 2014 12:49:58 -0800
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Sharat Masetty <sharat04@...il.com>
Cc:	netdev@...r.kernel.org, harout@...eshian.net
Subject: Re: Packet drops observed @ LINUX_MIB_TCPBACKLOGDROP

On Thu, 2014-02-27 at 13:40 -0700, Sharat Masetty wrote:
> Hi Eric,
> 
> We are using kernel version 3.10.0 and network driver is our own
> driver designed to work on hsic-usb interconnect. One thing is for
> sure is that we do not pre allocate lots buffers to hold incoming
> traffic, we only allocate buffers of required size when there is data
> to read off the bus.
> 
> I was under the impression that this backlog queue is charged against
> the socket buffer space(sndbuf and rcvbuf), so I am trying to
> understand in more detail how the driver implementation can be linked
> to this drops in the backlog queue.
> 
> Can you explain to me the significance of this backlog queue? mainly
> from the perspective of the userspace application(in this case iperf)
> socket API calls and the kernel/network stack enqueuing packets up the
> stack..


backlog queue is used to hold packets when softirq handler found
the socket being used by a process (user application doing a sendmsg()
system call for example). Since a softirq cannot sleep, it has to queue
the packet into 'backlog' so that the process can process it as soon as
it is going to exit TCP stack.

We have to put a limit on the backlog, otherwise a DOS attack would fill
the queue and the host would crash, because all memory would be
consumed.

We start dropping packet if length of backlog exceeds
 ( sk->sk_rcvbuf + sk->sk_sndbuf ) socket limit, since linux-3.5

So maybe you set too small limits ?



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ