From patchwork Sat Sep 4 09:31:54 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tetsuo Handa X-Patchwork-Id: 63763 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id EC958B714F for ; Sat, 4 Sep 2010 19:32:17 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751321Ab0IDJb6 (ORCPT ); Sat, 4 Sep 2010 05:31:58 -0400 Received: from www262.sakura.ne.jp ([202.181.97.72]:57680 "EHLO www262.sakura.ne.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750746Ab0IDJb5 (ORCPT ); Sat, 4 Sep 2010 05:31:57 -0400 Received: from www262.sakura.ne.jp (ksav21.sakura.ne.jp [210.224.165.143]) by www262.sakura.ne.jp (8.14.3/8.14.3) with ESMTP id o849Vs7H061090; Sat, 4 Sep 2010 18:31:54 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) X-Nat-Received: from [202.181.97.72]:51580 [ident-empty] by smtp-proxy.isp with TPROXY id 1283592714.12509 Received: from www262.sakura.ne.jp (localhost [127.0.0.1]) by www262.sakura.ne.jp (8.14.3/8.14.3) with ESMTP id o849Vs1G061087; Sat, 4 Sep 2010 18:31:54 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) Received: (from i-love@localhost) by www262.sakura.ne.jp (8.14.3/8.14.3/Submit) id o849VstI061086; Sat, 4 Sep 2010 18:31:54 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) Message-Id: <201009040931.o849VstI061086@www262.sakura.ne.jp> X-Authentication-Warning: www262.sakura.ne.jp: i-love set sender to penguin-kernel@i-love.sakura.ne.jp using -f Subject: Re: [PATCH] UNIX: Do not loop forever at unix_autobind(). From: Tetsuo Handa To: eric.dumazet@gmail.com Cc: netdev@vger.kernel.org MIME-Version: 1.0 Date: Sat, 04 Sep 2010 18:31:54 +0900 References: <201008212101.IJG87048.QMOHFtSOVOLFFJ@I-love.SAKURA.ne.jp> <201008302227.DJH30258.OQFMFtFJOOVSHL@I-love.SAKURA.ne.jp> <1283370450.2484.19.camel@edumazet-laptop> <201009040658.o846wxnU028775@www262.sakura.ne.jp> <1283584269.3402.9.camel@edumazet-laptop> <201009040740.o847eB4f040772@www262.sakura.ne.jp> <1283588647.3402.12.camel@edumazet-laptop> In-Reply-To: <1283588647.3402.12.camel@edumazet-laptop> X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.44/RELEASE, bases: 06082010 #4137388, status: clean Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Eric Dumazet wrote: > Quite frankly, given __unix_find_socket_byname() can take quite a long > time with one million entries in table, we should just remove > > if (whatever) > yield(); > > and use a more friendly : > > cond_resched(); > I see. What about this one? ---------------------------------------- From 5c11dcc7dd5063584bc3fbdb059ecdaf12aa38ce Mon Sep 17 00:00:00 2001 From: Tetsuo Handa Date: Sat, 4 Sep 2010 18:02:26 +0900 Subject: [PATCH] UNIX: Do not loop forever at unix_autobind(). We assumed that unix_autobind() never fails if kzalloc() succeeded. But unix_autobind() allows only 1048576 names. If /proc/sys/fs/file-max is larger than 1048576 (e.g. systems with more than 10GB of RAM), a local user can consume all names using fork()/socket()/bind(). If all names are in use, those who call bind() with addr_len == sizeof(short) or connect()/sendmsg() with setsockopt(SO_PASSCRED) will continue while (1) yield(); loop at unix_autobind() till a name becomes available. This patch adds a loop counter in order to give up after 1048576 attempts. Calling yield() for once per 256 attempts may not be sufficient when many names are already in use, for __unix_find_socket_byname() can take long time under such circumstance. Therefore, this patch also adds cond_resched() call. Note that currently a local user can consume 2GB of kernel memory if the user is allowed to create and autobind 1048576 UNIX domain sockets. We should consider adding some restriction for autobind operation. Signed-off-by: Tetsuo Handa --- net/unix/af_unix.c | 15 ++++++++++++--- 1 files changed, 12 insertions(+), 3 deletions(-) diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 4414a18..1ef37ca 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -692,6 +692,7 @@ static int unix_autobind(struct socket *sock) static u32 ordernum = 1; struct unix_address *addr; int err; + unsigned int retries = 0; mutex_lock(&u->readlock); @@ -717,9 +718,17 @@ retry: if (__unix_find_socket_byname(net, addr->name, addr->len, sock->type, addr->hash)) { spin_unlock(&unix_table_lock); - /* Sanity yield. It is unusual case, but yet... */ - if (!(ordernum&0xFF)) - yield(); + /* + * __unix_find_socket_byname() may take long time if many names + * are already in use. + */ + cond_resched(); + /* Give up if all names seems to be in use. */ + if (retries++ == 0xFFFFF) { + err = -ENOMEM; + kfree(addr); + goto out; + } goto retry; } addr->hash ^= sk->sk_type;