Date: Sun, 12 Sep 1999 20:36:59 -0700 (PDT) From: Matthew Dillon <dillon@apollo.backplane.com> To: Bosko Milekic <bmilekic@dsuper.net> Cc: Stas Kisel <stas@sonet.crimea.ua>, avalon@coombs.anu.edu.au, freebsd-hackers@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: mbuf shortage situations (followup) Message-ID: <199909130336.UAA20252@apollo.backplane.com> References: <Pine.OSF.4.05.9909122304470.18795-300000@oracle.dsuper.net>
next in thread | previous in thread | raw e-mail | index | archive | help
I think that what needs to be done is to split the problem in two. First,
allow the mbuf routines to return a failure even with M_WAIT. If M_WAIT
is used, it simply means 'try harder, sleeping a bit if necessary'. This
requires ensuring that all the networking code deal with the failure
case - a time consuming but straightforward task. If a failure occurs,
one simply drops the packet, not the connection or anything else drastic.
just the packet.
The second problem that needs to be addressed is resource exhaustion.
For example, allocating thousands of connections and socket-opting their
buffers as large as possible, or programs such as syslog accepting new
connections ad-infinitum. This is a harder problem to fix properly,
but a lot of the various issues such as those with syslog can be dealt
with in userland rather then the kernel.
-Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909130336.UAA20252>