summaryrefslogtreecommitdiffstats
path: root/net/packet
diff options
context:
space:
mode:
authorEric Dumazet <edumazet@google.com>2019-06-12 09:52:31 -0700
committerDavid S. Miller <davem@davemloft.net>2019-06-14 18:52:14 -0700
commit2c51c6273c73ff04099f48fb42dfdd2acc7a1b70 (patch)
tree5153110a521ecde10c1a23ee8fbeb79f495cd871 /net/packet
parent8e8e2951e3095732d7e780c241f61ea130955a57 (diff)
downloadlinux-2c51c6273c73ff04099f48fb42dfdd2acc7a1b70.tar.gz
linux-2c51c6273c73ff04099f48fb42dfdd2acc7a1b70.tar.bz2
linux-2c51c6273c73ff04099f48fb42dfdd2acc7a1b70.zip
net/packet: implement shortcut in tpacket_rcv()
tpacket_rcv() can be hit under DDOS quite hard, since it will always grab a socket spinlock, to eventually find there is no room for an additional packet. Using tcpdump [1] on a busy host can lead to catastrophic consequences, because of all cpus spinning on a contended spinlock. This replicates a similar strategy used in packet_rcv() [1] Also some applications mistakenly use af_packet socket bound to ETH_P_ALL only to send packets. Receive queue is never drained and immediately full. Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/packet')
-rw-r--r--net/packet/af_packet.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index 2d499679811a..860ca3e6abf5 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -2193,6 +2193,12 @@ static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev,
if (!res)
goto drop_n_restore;
+ /* If we are flooded, just give up */
+ if (__packet_rcv_has_room(po, skb) == ROOM_NONE) {
+ atomic_inc(&po->tp_drops);
+ goto drop_n_restore;
+ }
+
if (skb->ip_summed == CHECKSUM_PARTIAL)
status |= TP_STATUS_CSUMNOTREADY;
else if (skb->pkt_type != PACKET_OUTGOING &&