| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1447972381.22599.278.camel@edumazet-glaptop2.roam.corp.google.com> Date: Thu, 19 Nov 2015 14:33:01 -0800 From: Eric Dumazet <eric.dumazet@...il.com> To: Tom Herbert <tom@...bertland.com> Cc: David Miller <davem@...emloft.net>, zenczykowski <zenczykowski@...il.com>, Lorenzo Colitti <lorenzo@...gle.com>, Hannes Frederic Sowa <hannes@...essinduktion.org>, Stephen Hemminger <stephen@...workplumber.org>, Linux Kernel Network Developers <netdev@...r.kernel.org>, Eric Dumazet <edumazet@...gle.com>, Erik Kline <ek@...gle.com>, Dmitry Torokhov <dtor@...gle.com> Subject: Re: Add a SOCK_DESTROY operation to close sockets from userspace On Thu, 2015-11-19 at 14:14 -0800, Tom Herbert wrote: > On Thu, Nov 19, 2015 at 2:07 PM, Eric Dumazet <eric.dumazet@...il.com> wrote: > > On Thu, 2015-11-19 at 13:53 -0800, Tom Herbert wrote: > > > >> That covers the case where the local address is removed, but the not > >> the case where the network manager is informed of an error in the path > >> and wants to signal the application. My understanding was that > >> SIOCKILLADDR would work for the first case, but this patch was need to > >> cover the second case. > >> > >> btw, instead of closing the TCP socket can we just report an error and > >> wake up the application without affecting the connection? That is this > >> just becomes an error on the socket. The response by the application > >> will be the same in any case, porbablly just close the socket and try > >> to reestablish the connection. > > > > I thought this was the patch intent ? > > > > Application gets a EPOLLIN|EPOLLOUT|POLLERR notification (if it is > > willing to receive it, or blocked in a socket syscall) and closes the > > socket. > > > > sk->sk_err = ETIMEDOUT; > > sk->sk_error_report(sk); > > tcp_done(sk); > > > The tcp_done is not needed here. This is the difference between the > application having the connection closed underneath them, versus the > application performing a close to terminate the connection. The latter > behavior preserves the semantics that only the stack or the > application owning the socket can initiate a state change on the > connection. The code behaves like we received a formal RST : Please do not even bother trying to send additional data, it is not worth wasting precious resource. There is currently no system call telling the stack : Please remove all outstanding data for this socket. And even if it was present, how many applications need to be changed, because all they do is probably a close(), after a shutdown() if they really were cautious... -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists