lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20170824155300.1e577dae@redhat.com>
Date:   Thu, 24 Aug 2017 15:53:00 +0200
From:   Jesper Dangaard Brouer <brouer@...hat.com>
To:     "liujian (CE)" <liujian56@...wei.com>
Cc:     "davem@...emloft.net" <davem@...emloft.net>,
        "kuznet@....inr.ac.ru" <kuznet@....inr.ac.ru>,
        "yoshfuji@...ux-ipv6.org" <yoshfuji@...ux-ipv6.org>,
        "elena.reshetova@...el.com" <elena.reshetova@...el.com>,
        "edumazet@...gle.com" <edumazet@...gle.com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        brouer@...hat.com
Subject: Re: Question about ip_defrag


On Thu, 24 Aug 2017 13:15:33 +0000 "liujian (CE)" <liujian56@...wei.com> wrote:
> Hello,
> 
> With below patch we met one issue.
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v4.13-rc6&id=6d7b857d541e
> 
> the issue:
> Ip_defrag fail caused by frag_mem_limit reached 4M(frags.high_thresh).
> At this moment,sum_frag_mem_limit is about 10K.
> and my test machine's cpu num is 64.
> 
> Can i only change frag_mem_limit to sum_ frag_mem_limit?
> 
> 
> diff --git a/net/ipv4/inet_fragment.c b/net/ipv4/inet_fragment.c
> index 96e95e8..f09c00b 100644
> --- a/net/ipv4/inet_fragment.c
> +++ b/net/ipv4/inet_fragment.c
> @@ -120,7 +120,7 @@ static void inet_frag_secret_rebuild(struct inet_frags *f)
>  static bool inet_fragq_should_evict(const struct inet_frag_queue *q)
>  {
>         return q->net->low_thresh == 0 ||
> -              frag_mem_limit(q->net) >= q->net->low_thresh;
> +              sum_frag_mem_limit(q->net) >= q->net->low_thresh;
>  }
> 
>  static unsigned int
> @@ -355,7 +355,7 @@ static struct inet_frag_queue *inet_frag_alloc(struct netns_frags *nf,
>  {
>         struct inet_frag_queue *q;
> 
> -       if (!nf->high_thresh || frag_mem_limit(nf) > nf->high_thresh) {
> +       if (!nf->high_thresh || sum_frag_mem_limit(nf) > nf->high_thresh) {
>                 inet_frag_schedule_worker(f);
>                 return NULL;
>         }
> @@ -396,7 +396,7 @@ struct inet_frag_queue *inet_frag_find(struct netns_frags *nf,
>         struct inet_frag_queue *q;
>         int depth = 0;
> 
> -       if (frag_mem_limit(nf) > nf->low_thresh)
> +       if (sum_frag_mem_limit(nf) > nf->low_thresh)
>                 inet_frag_schedule_worker(f);
> 
>         hash &= (INETFRAGS_HASHSZ - 1);
> --
> 
> Thank you for your time.

What kernel version have you seen this issue with?

As far as I remember, this issue have been fixed before...

-- 
Best regards,
  Jesper Dangaard Brouer
  MSc.CS, Principal Kernel Engineer at Red Hat
  LinkedIn: http://www.linkedin.com/in/brouer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ