Page MenuHomeFreeBSD
Differential D16515

Don't check rcv sockbuf limits when sending on a unix stream socket.
ClosedPublic
Actions

Authored by markj on Jul 30 2018, 5:29 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Feb 8, 9:12 AM
Unknown Object (File)
Wed, Jan 29, 11:57 PM
Unknown Object (File)
Nov 30 2024, 6:19 AM
Unknown Object (File)
Nov 22 2024, 5:57 PM
Unknown Object (File)
Oct 28 2024, 7:13 PM
Unknown Object (File)
Oct 17 2024, 4:17 AM
Unknown Object (File)
Oct 16 2024, 5:38 AM
Unknown Object (File)
Oct 8 2024, 12:11 PM
View All 76 Files
Subscribers
imp
jbeich

Details

Reviewers
None
Group Reviewers
network
Commits
rS337328: Don't check rcv sockbuf limits when sending on a unix stream socket.
Summary

sosend_generic() performs an initial comparison of the amount of data
(including control messages) to be transmitted with the send buffer
size. When sending data with a control message, we then compare the
amount of data being sent with the amount of space in the receive buffer
size; if insufficient space is available, the data is lost. There are
at least two problems with this:

  • The size of control messages will typically change (increase) between these two checks. If the send and rcv socket buffer limits are equal, this means that the second check can fail even if the first one succeeds.
  • If the receive buffer is smaller than the send buffer, sending a message of size larger than the former and smaller than the latter will cause data loss. (This would seem to be an odd configuration, though.)

The first problem is easy to hit. Address it by removing the space
check in sbappendcontrol_locked() (note that sbappend_locked() omits the
check too).

We rely on the SB_STOP-based backpressure mechanism to ensure that
senders are blocked once the rcv buffer is full. With this change, it
becomes possible for the rcv buffer to contain data above its limit.
This doesn't violate any invariants in the socket layer, though, and
there is a bound on how much the limit can be exceeded. Given the
severity of the bug being fixed, I think this is a reasonable
compromise.

Note that there are still some bugs in this area; in particular, mbuf
allocation failures can cause data loss in some cases.

Test Plan
  • Regression test passes; see D16516.
  • Peter Holm's stress2

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj created this revision.Jul 30 2018, 5:29 PM
Harbormaster completed remote builds in B18440: Diff 46038.Jul 30 2018, 5:29 PM
markj edited the test plan for this revision. (Show Details)Jul 30 2018, 5:31 PM
markj added a reviewer: network.
markj mentioned this in D16516: Fix the PR 181741 regression test..
jbeich added a subscriber: jbeich.Jul 30 2018, 6:27 PM
jbeich added inline comments.
sys/kern/uipc_sockbuf.c
958 ↗(On Diff #46038)

Looks incomplete, see

sys/kern/uipc_sockbuf.c:959:1: error: conflicting types for 'sbappendcontrol_locked'
sbappendcontrol_locked(struct sockbuf *sb, struct mbuf *m0,
^
sys/sys/sockbuf.h:144:5: note: previous declaration is here
int     sbappendcontrol_locked(struct sockbuf *sb, struct mbuf *m0,
        ^
sys/kern/uipc_sockbuf.c:987:9: error: assigning to 'int' from incompatible type 'void'
        retval = sbappendcontrol_locked(sb, m0, control);
               ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
markj updated this revision to Diff 46041.Jul 30 2018, 6:35 PM

Fix compile errors.

Harbormaster completed remote builds in B18442: Diff 46041.Jul 30 2018, 6:35 PM
markj added inline comments.Jul 30 2018, 6:36 PM
sys/kern/uipc_sockbuf.c
958 ↗(On Diff #46038)

Thanks, I had made a last-minute tweak before creating the review.

markj added inline comments.Jul 30 2018, 10:41 PM
sys/sys/sockbuf.h
146 ↗(On Diff #46041)

This prototype should be deleted.

markj mentioned this in D16497: Increase the size of PIPSIZ from 8192 to 65536.Jul 31 2018, 4:49 PM
markj updated this revision to Diff 46168.Aug 1 2018, 11:45 PM
markj marked an inline comment as done.
  • Delete extra prototype.
Harbormaster completed remote builds in B18512: Diff 46168.Aug 1 2018, 11:45 PM
markj added a comment.Aug 1 2018, 11:46 PM

I plan to commit the change this weekend if there are no objections.

This revision was not accepted when it landed; it landed in state Needs Review.Aug 4 2018, 8:27 PM
Closed by commit rS337328: Don't check rcv sockbuf limits when sending on a unix stream socket. (authored by markj). · Explain Why
This revision was automatically updated to reflect the committed changes.
Herald added a subscriber: imp. · View Herald TranscriptAug 4 2018, 8:27 PM

Revision Contents
Changeset List

PathSize
head/
sys/
kern/
20 lines
24 lines
sys/
4 lines

Diff 46293

View Options

head/sys/kern/uipc_sockbuf.c

Loading...
View Options

head/sys/kern/uipc_usrreq.c

Loading...
View Options

head/sys/sys/sockbuf.h

Loading...