From: David Miller <davem@davemloft.net>
To: dhowells@redhat.com
Cc: linux-afs@lists.infradead.org, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 01/11] rxrpc: Add a common object cache
Date: Mon, 07 Mar 2016 23:07:37 -0500 (EST) [thread overview]
Message-ID: <20160307.230737.1738396720590983620.davem@davemloft.net> (raw)
In-Reply-To: <23389.1457390714@warthog.procyon.org.uk>
From: David Howells <dhowells@redhat.com>
Date: Mon, 07 Mar 2016 22:45:14 +0000
> David Miller <davem@davemloft.net> wrote:
>
>> I know you put a lot of time and effort into this, but I want to strongly
>> recommend against a garbage collected hash table for anything whatsoever.
>>
>> Especially if the given objects are in some way created/destroyed/etc. by
>> operations triggerable remotely.
>>
>> This can be DoS'd quite trivially, and that's why we have removed the ipv4
>> routing cache which did the same.
>
> Hmmm... You have a point. What would you suggest instead? At least with the
> common object cache code I have, I might be able to just change that.
Objects that are used for correct operation have no easily recyclable
property, you must hold onto them. There has to be a set of resources
held and consumed at both endpoints for it to work properly ("I can't
DoS you without DoS'ing myself").
Where reclaimable tables work is for stuff that is near zero cost to
reconstitute. A good example is the TCP metrics table. When a TCP
metrics entry is reclaimed, it's not like we have to renegotiate a
security context when we try to talk to that end-host again.
If the concept of these open-ended objects is a fundamental aspect of
the protocol.... that's a serious shortcoming of RXRPC.
next prev parent reply other threads:[~2016-03-08 4:07 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-07 14:37 [PATCH 00/11] RxRPC: Rewrite part 2 David Howells
2016-03-07 14:38 ` [PATCH 01/11] rxrpc: Add a common object cache David Howells
2016-03-07 18:42 ` David Miller
2016-03-07 22:45 ` David Howells
2016-03-08 4:07 ` David Miller [this message]
2016-03-08 11:39 ` David Howells
2016-03-08 20:13 ` David Miller
2016-03-08 21:11 ` David Howells
2016-03-09 3:00 ` David Miller
2016-03-08 13:02 ` David Howells
2016-03-08 20:15 ` David Miller
2016-03-07 14:38 ` [PATCH 02/11] rxrpc: Do procfs lists through objcache David Howells
2016-03-07 14:38 ` [PATCH 03/11] rxrpc: Separate local endpoint object handling out into its own file David Howells
2016-03-07 14:38 ` [PATCH 04/11] rxrpc: Implement local endpoint cache David Howells
2016-03-07 14:38 ` [PATCH 05/11] rxrpc: procfs file to list local endpoints David Howells
2016-03-07 14:38 ` [PATCH 06/11] rxrpc: Rename ar-local.c to local-event.c David Howells
2016-03-07 14:38 ` [PATCH 07/11] rxrpc: Rename ar-peer.c to peer-object.c David Howells
2016-03-07 14:38 ` [PATCH 08/11] rxrpc: Implement peer endpoint cache David Howells
2016-03-07 14:39 ` [PATCH 09/11] rxrpc: Add /proc/net/rxrpc_peers to display the known remote endpoints David Howells
2016-03-07 14:39 ` [PATCH 10/11] rxrpc: Rename ar-error.c to peer-event.c David Howells
2016-03-07 14:39 ` [PATCH 11/11] rxrpc: Rename rxrpc_UDP_error_report() to rxrpc_error_report() David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160307.230737.1738396720590983620.davem@davemloft.net \
--to=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=linux-afs@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).