Re: [patch] fixed af_packet to not lose frames and made us crazy in

Andrea Arcangeli (andrea@e-mind.com)
Fri, 12 Mar 1999 21:24:59 +0100 (CET)


On Fri, 12 Mar 1999, Alan Cox wrote:

>> So I fixed the thing simply changing af_packet to ignore the rcvbuf
>> limits. I think it's a good thing to be sure to always have a _relialable_
>> tcpdump.
>
>It is a good thing to have a reliable tcpdump. Its even less reliable
>now I can use it to wipe out your machine. Your tools to monitor an attacker
>now let them break your computer.

In the worst case it won't wipe out my machine. The machine could go OOM
yes, but I'd like more to have the machine overloaded than not see what's
going to happen. And if your tcpdump will get an OOM segfault it won't
make difference because you are just going to lose data so better a
complete break than an hided lose frame. This mean you'll do everything
possible until you'll be OOM. I like this way here. I use tcpdump for
debugging and I _don't_ want to ask myself if for some unliky reason a
packet got dropped from the receivce queue or see strange things like it
was happening here with the loopback device.

Another approch could be to simply enlarge the default rcv_buf to a custom
value (via a new packet-ioctl), but it's a less generic according to me
(even if very more confortable than your copy to userspace tcpdump buffer
when rmemalloc > rcvbuf, the good point of your approch is that the first
part of the userspace buffer could go to swap).

Comments?

Andrea Arcangeli

PS. just to complete my patches here is the SOCK_RAW change that follow my
way ;).

Index: raw.c
===================================================================
RCS file: /var/cvs/linux/net/ipv4/raw.c,v
retrieving revision 1.1.2.1
diff -u -r1.1.2.1 raw.c
--- raw.c 1999/01/18 01:34:49 1.1.2.1
+++ linux/net/ipv4/raw.c 1999/03/12 19:56:57
@@ -31,6 +31,7 @@
* Alan Cox : Added IP_HDRINCL option.
* Alan Cox : Skip broadcast check if BSDism set.
* David S. Miller : New socket lookup architecture.
+ * Andrea Arcangeli: Don't lose packets anymore.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -195,14 +196,7 @@

static int raw_rcv_skb(struct sock * sk, struct sk_buff * skb)
{
- /* Charge it to the socket. */
-
- if (sock_queue_rcv_skb(sk,skb)<0)
- {
- ip_statistics.IpInDiscards++;
- kfree_skb(skb);
- return -1;
- }
+ force_sock_queue_rcv_skb(sk,skb);

ip_statistics.IpInDelivers++;
return 0;

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/