From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:59651)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1XeNjd-0000oy-0k
	for qemu-devel@nongnu.org; Wed, 15 Oct 2014 08:31:24 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1XeNjY-0005xp-VZ
	for qemu-devel@nongnu.org; Wed, 15 Oct 2014 08:31:20 -0400
Received: from mx1.redhat.com ([209.132.183.28]:42769)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1XeNjY-0005xi-OY
	for qemu-devel@nongnu.org; Wed, 15 Oct 2014 08:31:16 -0400
Date: Wed, 15 Oct 2014 13:31:10 +0100
From: "Daniel P. Berrange" <berrange@redhat.com>
Message-ID: <20141015123110.GA3741@redhat.com>
References: <1413375585-20301-1-git-send-email-kraxel@redhat.com>
	<1413375585-20301-7-git-send-email-kraxel@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <1413375585-20301-7-git-send-email-kraxel@redhat.com>
Subject: Re: [Qemu-devel] [PATCH 6/6] vnc: track & limit connections
Reply-To: "Daniel P. Berrange" <berrange@redhat.com>
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Gerd Hoffmann <kraxel@redhat.com>
Cc: qemu-devel@nongnu.org, Anthony Liguori <aliguori@amazon.com>, "Dr. David Alan Gilbert" <dgilbert@redhat.com>

On Wed, Oct 15, 2014 at 02:19:45PM +0200, Gerd Hoffmann wrote:
> Also track the number of connections in "connecting" and "shared" state
> (additionally to "exclusive" state).  Apply a configurable limit to
> these connections.
> 
> The logic to apply the limit to connections in "shared" state is pretty
> simple:  When the limit is reached no new connections are allowed.
> 
> The logic to apply the limit to connections in "connecting" state (this
> is the state you are in *before* successfull authentication) is
> slightly different:  A new connect kicks out the oldest client which is
> still in "connecting" state.  This avoids a easy DoS by unauthenticated
> users by simply opening connections until the limit is reached.

I'd suggest that rather than kicking off the oldest client QEMU
should simply stop calling accept() when it reaches the limit
of active unauthenticated client connections.

By allowing the connection to succeeed & then kicking off another
client QEMU's still burning CPU to do memory allocation & free'ing
for each client.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|