From: Willy Tarreau <w@1wt.eu>
To: Hannes Frederic Sowa <hannes@stressinduktion.org>
Cc: "David S. Miller" <davem@davemloft.net>,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Eric Dumazet <edumazet@google.com>,
socketpair@gmail.com
Subject: Re: [PATCH] unix: properly account for FDs passed over unix sockets
Date: Wed, 30 Dec 2015 12:23:17 +0100
Message-ID: <20151230112317.GC14049@1wt.eu>
In-Reply-To: <56839CC2.9080000@stressinduktion.org>

On Wed, Dec 30, 2015 at 09:58:42AM +0100, Hannes Frederic Sowa wrote:
> The MSG_PEEK code should not be harmful and the patch is good as is. I
> first understood from the published private thread, that it is possible
> for a program to exceed the rlimit of fds. But the DoS is only by
> keeping the fds in flight and not attaching them to any program.

Exactly. The real issue is when these FDs become very expensive such as
pipes full of data.

> __alloc_fd, called on the receiver side, does check for the rlimit
> maximum anyway, so I don't see a loophole anymore:
>
> Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>

Thanks!

> Another idea would be to add the amount of memory used to manage the fds
> to sock_rmem/wmem but I don't see any advantages or disadvantages.

Compared to the impact of the pending data in pipes themselves in flight,
this would remain fairly minimal.

Thanks,
Willy

Thread overview: 11+ messages
2015-12-28 14:14 [PATCH] unix: properly account for FDs passed over unix sockets Willy Tarreau
2015-12-29 14:37 ` Hannes Frederic Sowa
2015-12-29 14:48 ` Hannes Frederic Sowa
2015-12-29 20:35 ` Willy Tarreau
2015-12-30 8:58 ` Hannes Frederic Sowa
2015-12-30 11:23 ` Willy Tarreau [this message]
2015-12-30 13:14 ` One Thousand Gnomes
2015-12-31 6:08 ` Tetsuo Handa
2015-12-31 7:12 ` Willy Tarreau
2015-12-31 10:27 ` One Thousand Gnomes
2016-01-04 21:44 ` David Miller