| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <d4b1ab65-c308-382a-2a0e-9042750335e0@gmail.com>
Date: Thu, 11 Jul 2019 20:28:59 +0200
From: Eric Dumazet <eric.dumazet@...il.com>
To: "Prout, Andrew - LLSC - MITLL" <aprout@...mit.edu>,
Eric Dumazet <eric.dumazet@...il.com>,
Christoph Paasch <christoph.paasch@...il.com>
Cc: "David S . Miller" <davem@...emloft.net>,
netdev <netdev@...r.kernel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Jonathan Looney <jtl@...flix.com>,
Neal Cardwell <ncardwell@...gle.com>,
Tyler Hicks <tyhicks@...onical.com>,
Yuchung Cheng <ycheng@...gle.com>,
Bruce Curtis <brucec@...flix.com>,
Jonathan Lemon <jonathan.lemon@...il.com>,
Dustin Marquess <dmarquess@...le.com>
Subject: Re: [PATCH net 2/4] tcp: tcp_fragment() should apply sane memory
limits
On 7/11/19 7:14 PM, Prout, Andrew - LLSC - MITLL wrote:
>
> In my opinion, if a small SO_SNDBUF below a certain value is no longer supported, then SOCK_MIN_SNDBUF should be adjusted to reflect this. The RCVBUF/SNDBUF sizes are supposed to be hints, no error is returned if they are not honored. The kernel should continue to function regardless of what userspace requests for their values.
>
It is supported to set whatever SO_SNDBUF value and get terrible performance.
It always has been.
The only difference is that we no longer allow an attacker to fool TCP stack
and consume up to 2 GB per socket while SO_SNDBUF was set to 128 KB.
The side effect is that in some cases, the workload can appear to have the signature of the attack.
The solution is to increase your SO_SNDBUF, or even better let TCP stack autotune it.
nobody forced you to set very small values for it.
Powered by blists - more mailing lists