From: Jon Maloy <maloy@donjonn.com>
To: Eric Dumazet <eric.dumazet@gmail.com>,
Jon Maloy <jon.maloy@ericsson.com>
Cc: "netdev@vger.kernel.org" <netdev@vger.kernel.org>,
Paul Gortmaker <paul.gortmaker@windriver.com>,
"tipc-discussion@lists.sourceforge.net"
<tipc-discussion@lists.sourceforge.net>,
"davem@davemloft.net" <davem@davemloft.net>
Subject: Re: [PATCH net-next v2 2/8] tipc: compensate for double accounting in socket rcv buffer
Date: Wed, 14 May 2014 15:00:44 -0400 [thread overview]
Message-ID: <5373BD5C.9030703@donjonn.com> (raw)
In-Reply-To: <1400089542.7973.104.camel@edumazet-glaptop2.roam.corp.google.com>
On 05/14/2014 01:45 PM, Eric Dumazet wrote:
> On Wed, 2014-05-14 at 12:53 +0000, Jon Maloy wrote:
>
>> For us, the underlying problem is that sk_backlog.len does not
>> give correct information about the buffer situation. There is a comment
>> in _release_sock() trying to explain why.:
>>
>> /*
>> * Doing the zeroing here guarantee we can not loop forever
>> * while a wild producer attempts to flood us.
>> */
>>
>> but I fail to understand how this scenario can happen even with TCP.
>> Yes, it can throw away packets, but not until the receive buffer is full,
>> and then sk_add_backlog() should start rejecting new messages anyway?
>> There is evidently something I have missed here.
> The following can happen :
>
> An innocent user thread does a socket system call.
> It owns the socket.
>
> Then a flood of incoming messages happen, constantly trying to push new
> packets for this socket. Note the packets can be spoofed ones.
>
> Softirq handler notices socket is owned by 'user', so queue packets into
> backlog, unless the sk_rcvbuf limit is hit.
>
> If we were releasing sk_backlog.len for every dequeued skb, we could
> have a deadlock for the innocent user thread, who could never exit from
> __release_sock()
>
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8eae939f1400326b06d0c9afe53d2a484a326871
This is where I don't get it.
sk_add_backlog(limit) is (via sk_rcvqueues_full) testing for
(sk_backlog.len + sk_rmem_alloc) > limit
But, if the receiving user is slow, sk_rmem_alloc will run full eventually, even if we
reduce sk_backlog.len with truesize of each transferred buffer, and sk_add_backlog
should then start throwing away packets. Why doesn't this happen?
I understand that the receiving user will be kept too busy to be able to do
any useful work, but this shouldn't result in the whole system running out
of memory, as is stated in the link. I am still confused.
///jon
> So really you do not want to 'relax' this check.
I am ok with that as long as we can work around it.
Regards
///jon
>
> All you need to do is have a big enough sk_rcvbuf for the expected and
> reasonable amount of memory you allow to be stored in input queues for
> your socket.
>
>
>
------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
next prev parent reply other threads:[~2014-05-14 19:00 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-14 9:39 [PATCH net-next v2 0/8] tipc: bug fixes and improvements Jon Maloy
2014-05-14 9:39 ` [PATCH net-next v2 1/8] tipc: decrease connection flow control window Jon Maloy
2014-05-14 11:50 ` Eric Dumazet
2014-05-14 12:12 ` Jon Maloy
2014-05-14 9:39 ` [PATCH net-next v2 2/8] tipc: compensate for double accounting in socket rcv buffer Jon Maloy
2014-05-14 11:47 ` Eric Dumazet
2014-05-14 12:53 ` Jon Maloy
2014-05-14 17:37 ` David Miller
2014-05-14 17:52 ` Jon Maloy
2014-05-14 17:45 ` Eric Dumazet
2014-05-14 19:00 ` Jon Maloy [this message]
2014-05-14 19:42 ` Eric Dumazet
2014-05-15 13:25 ` Jon Maloy
2014-05-14 9:39 ` [PATCH net-next v2 3/8] tipc: don't record link RESET or ACTIVATE messages as traffic Jon Maloy
2014-05-14 9:39 ` [PATCH net-next v2 4/8] tipc: mark head of reassembly buffer as non-linear Jon Maloy
2014-05-14 9:39 ` [PATCH net-next v2 5/8] tipc: rename and move message reassembly function Jon Maloy
2014-05-14 9:39 ` [PATCH net-next v2 6/8] tipc: improve and extend media address conversion functions Jon Maloy
2014-05-14 9:39 ` [PATCH net-next v2 7/8] tipc: clean up neigbor discovery message reception Jon Maloy
2014-05-14 9:39 ` [PATCH net-next v2 8/8] tipc: merge port message reception into socket reception function Jon Maloy
2014-05-14 19:20 ` [PATCH net-next v2 0/8] tipc: bug fixes and improvements David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5373BD5C.9030703@donjonn.com \
--to=maloy@donjonn.com \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=jon.maloy@ericsson.com \
--cc=netdev@vger.kernel.org \
--cc=paul.gortmaker@windriver.com \
--cc=tipc-discussion@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.