IO-Uring Archive on lore.kernel.org
 help / color / Atom feed
From: Victor Stewart <v@nametag.social>
To: io-uring <io-uring@vger.kernel.org>, Jens Axboe <axboe@kernel.dk>
Subject: [RFC 0/1] whitelisting UDP GSO and GRO cmsgs
Date: Mon, 23 Nov 2020 15:29:09 +0000
Message-ID: <CAM1kxwi5m6i8hrtkw7nZYoziPTD-Wp03+fcsUwh3CuSc=81kUQ@mail.gmail.com> (raw)

so currently all cmsg headers are disabled through sendmsg and recvmsg
operations through io_uring because of
https://www.exploit-db.com/exploits/47779

i think it's time we start whitelisting the good guys though? GSO and
GRO are hugely important for QUIC servers, and together offer a higher
throughput gain than io_uring alone (rate of data transit
considering), thus io_uring is the lesser performance choice for QUIC
servers at the moment.

RE http://vger.kernel.org/lpc_net2018_talks/willemdebruijn-lpc2018-udpgso-paper-DRAFT-1.pdf,
GSO is about +~63% and GRO +~82%.

this patch closes that loophole.

Victor Stewart (1);
   net/socket.c: add __sys_whitelisted_cmsghdrs()

   net/socket.c | 15 ++++++++++++---
   1 file changed, 12 insertions(+), 3 deletions(-)

             reply index

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-23 15:29 Victor Stewart [this message]
2020-11-23 16:13 ` Stefan Metzmacher
     [not found]   ` <CAM1kxwhUcXLKU=2hCVaBngOKRL_kgMX4ONy9kpzKW+ZBZraEYw@mail.gmail.com>
     [not found]     ` <5d71d36c-0bfb-a313-07e8-0e22f7331a7a@samba.org>
2020-11-28 19:03       ` Victor Stewart
2020-11-30 10:52         ` Stefan Metzmacher
2020-11-30 14:57           ` Soheil Hassas Yeganeh
2020-11-30 15:05             ` Stefan Metzmacher
2020-11-30 15:15               ` Soheil Hassas Yeganeh
2020-11-30 16:17                 ` Victor Stewart
2020-11-30 16:20                   ` Soheil Hassas Yeganeh

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAM1kxwi5m6i8hrtkw7nZYoziPTD-Wp03+fcsUwh3CuSc=81kUQ@mail.gmail.com' \
    --to=v@nametag.social \
    --cc=axboe@kernel.dk \
    --cc=io-uring@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

IO-Uring Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/io-uring/0 io-uring/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 io-uring io-uring/ https://lore.kernel.org/io-uring \
		io-uring@vger.kernel.org
	public-inbox-index io-uring

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.io-uring


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git