From: "Serge E. Hallyn" <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
To: Dan Smith <danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Cc: containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org
Subject: Re: [PATCH 3/4] Update the UNIX buffer restore code to match the new format saved in the image file
Date: Wed, 11 Nov 2009 20:18:24 -0600 [thread overview]
Message-ID: <20091112021824.GA14646@us.ibm.com> (raw)
In-Reply-To: <87vdhgvi6b.fsf-FLMGYpZoEPULwtHQx/6qkW3U47Q5hpJU@public.gmane.org>
Quoting Dan Smith (danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org):
> >> /* Make sure there's room in the send buffer */
> >> sndbuf = sk->sk_sndbuf;
> >> - if (((sk->sk_sndbuf - atomic_read(&sk->sk_wmem_alloc)) < len) &&
> >> + if (((sk->sk_sndbuf - atomic_read(&sk->sk_wmem_alloc)) < h->lin_len) &&
> >> capable(CAP_NET_ADMIN))
> >> - sk->sk_sndbuf += len;
> >> + sk->sk_sndbuf += h->lin_len;
> >> else
> sk-> sk_sndbuf = sysctl_wmem_max;
>
> SH> Can you explain what's going on here?
>
> If we're trying to restore a buffer that is larger than the remaining
> space in the buffer, then one of two things can happen:
>
> 1. You're privileged and we make the space you need
> 2. You're not privileged so we give you the benefit of the doubt and
> set the buffer limit to the system default
>
> In the case of 2, if that system default still isn't enough then the
> sendmsg() will fail like it normally would.
But so should check whether h->len_len < sysctl_wmem_max before
doing the capable check? Remember that any check for capable()
will set PF_SUPERPRIV on the task, so it's better to not call it
if it wasn't definately needed.
> The reason for this is that the application could have loaded up its
> legitimate buffer with data and then set the buffer limit low. That
> doesn't purge the data it already had buffered, it just limits how
> much you can add to it. So, in order to not fail a restart of such a
> legitimate situation, we assume the system default instead of the
> limit set by the user.
thanks,
-serge
next prev parent reply other threads:[~2009-11-12 2:18 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-11-10 18:47 Add support for connected INET sockets Dan Smith
2009-11-10 18:47 ` [PATCH 2/4] [RFC] Add c/r support for connected INET sockets (v4) Dan Smith
2009-11-11 20:32 ` Serge E. Hallyn
[not found] ` <1257878856-25520-1-git-send-email-danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-11-10 18:47 ` [PATCH 1/4] Unify skb read/write functions and fix for fragmented buffers Dan Smith
[not found] ` <1257878856-25520-2-git-send-email-danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-11-11 20:02 ` Serge E. Hallyn
2009-11-16 18:30 ` Oren Laadan
[not found] ` <4B019A2C.9090507-eQaUEPhvms7ENvBUuze7eA@public.gmane.org>
2009-11-16 18:51 ` Dan Smith
[not found] ` <87einyuwum.fsf-FLMGYpZoEPULwtHQx/6qkW3U47Q5hpJU@public.gmane.org>
2009-11-16 19:05 ` Oren Laadan
2009-11-10 18:47 ` [PATCH 3/4] Update the UNIX buffer restore code to match the new format saved in the image file Dan Smith
[not found] ` <1257878856-25520-4-git-send-email-danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-11-11 21:38 ` Serge E. Hallyn
[not found] ` <20091111213851.GE8761-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-11-11 21:57 ` Dan Smith
[not found] ` <87vdhgvi6b.fsf-FLMGYpZoEPULwtHQx/6qkW3U47Q5hpJU@public.gmane.org>
2009-11-12 2:18 ` Serge E. Hallyn [this message]
[not found] ` <20091112021824.GA14646-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-11-12 18:19 ` Dan Smith
[not found] ` <87k4xvvc5b.fsf-FLMGYpZoEPULwtHQx/6qkW3U47Q5hpJU@public.gmane.org>
2009-11-12 19:43 ` Serge E. Hallyn
2009-11-16 18:35 ` Oren Laadan
2009-11-11 21:40 ` Serge E. Hallyn
2009-11-10 18:47 ` [PATCH 4/4] Add some content to the readme.txt for socket c/r Dan Smith
2009-11-16 18:38 ` Add support for connected INET sockets Oren Laadan
-- strict thread matches above, loose matches on Subject: below --
2009-11-17 15:26 Dan Smith
[not found] ` <1258471590-29768-1-git-send-email-danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-11-17 15:26 ` [PATCH 3/4] Update the UNIX buffer restore code to match the new format saved in the image file Dan Smith
[not found] ` <1258471590-29768-4-git-send-email-danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-11-18 4:39 ` Serge E. Hallyn
[not found] ` <20091118043920.GD19841-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-11-18 14:28 ` Dan Smith
[not found] ` <876397vrf1.fsf-FLMGYpZoEPULwtHQx/6qkW3U47Q5hpJU@public.gmane.org>
2009-11-18 15:16 ` Serge E. Hallyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20091112021824.GA14646@us.ibm.com \
--to=serue-r/jw6+rmf7hqt0dzr+alfa@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=danms-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.