Date: Thu, 30 May 2024 09:08:36 +0800
From: Tony Lu <tonylu@...ux.alibaba.com>
To: Jason Xing <kerneljasonxing@...il.com>
Cc: Kevin Yang <yyd@...gle.com>, David Miller <davem@...emloft.net>,
	Eric Dumazet <edumazet@...gle.com>,
	Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org
Subject: Re: [PATCH net-next 0/2] tcp: add sysctl_tcp_rto_min_us

On Wed, May 29, 2024 at 04:49:39PM +0800, Jason Xing wrote:
> On Wed, May 29, 2024 at 3:21 PM Tony Lu <tonylu@...ux.alibaba.com> wrote:
> >
> > On Tue, May 28, 2024 at 05:13:18PM +0000, Kevin Yang wrote:
> > > Adding a sysctl knob to allow the user to specify a default
> > > rto_min at socket init time.
> > >
> > > After this patch series, the rto_min will have multiple sources:
> > > route option has the highest precedence, followed by the
> > > TCP_BPF_RTO_MIN socket option, followed by this new
> > > tcp_rto_min_us sysctl.
> >
> > For series:
> >
> > Reviewed-by: Tony Lu <tonylu@...ux.alibaba.com>
> >
> > I strongly support those patches. For those who use cgroup v1 and want
> > to take effect with simple settings, sysctl is a good way.
> 
> It's not a good reason to use sysctl.
> 
> If you say so, why not introduce many sysctls to replace setsockopt
> operations. For example, introducing a new sysctl to disable delayed
> ack to improve the speed of transmission in some cases just for ease
> of use? No, it's not right, I believe.
> 

Hidden behind the words is that if I am a kernel engineer or SRE helping
users troubleshoot latency issues, and I need to tune tcp_rto_min, then
my only means of not intruding on the application are eBPF or the sysctl
mentioned here.

Comparing sysctl and eBPF, I prefer sysctl isolated by net namespace,
which can be modified and verified more directly and quickly. eBPF is
powerful, but it is not easy to write, debug and manage.

> >
> > And reducing it is helpful for latency-sensitive applications such as
> > Redis, net namespace level sysctl knob is enough.
> 
> Sure, these key parameters play a big role in the TCP stack.
> 
> >
> > >
> > > Kevin Yang (2):
> > >   tcp: derive delack_max with tcp_rto_min helper
> > >   tcp: add sysctl_tcp_rto_min_us
> > >
> > >  Documentation/networking/ip-sysctl.rst | 13 +++++++++++++
> > >  include/net/netns/ipv4.h               |  1 +
> > >  net/ipv4/sysctl_net_ipv4.c             |  8 ++++++++
> > >  net/ipv4/tcp.c                         |  3 ++-
> > >  net/ipv4/tcp_ipv4.c                    |  1 +
> > >  net/ipv4/tcp_output.c                  | 11 ++---------
> > >  6 files changed, 27 insertions(+), 10 deletions(-)
> > >
> > > --
> > > 2.45.1.288.g0e0cd299f1-goog
> > >
> >
