Merge branch 'packet-DDOS'
Eric Dumazet says: ==================== net/packet: better behavior under DDOS Using tcpdump (or other af_packet user) on a busy host can lead to catastrophic consequences, because suddenly, potentially all cpus are spinning on a contended spinlock. Both packet_rcv() and tpacket_rcv() grab the spinlock to eventually find there is no room for an additional packet. This patch series align packet_rcv() and tpacket_rcv() to both check if the queue is full before grabbing the spinlock. If the queue is full, they both increment a new atomic counter placed on a separate cache line to let readers drain the queue faster. There is still false sharing on this new atomic counter, we might in the future make it per cpu if there is interest. ==================== Acked-by: Willem de Bruijn <willemb@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Showing
Please register or sign in to comment