Re: [patch 6/13] signal/timer/event fds v9 - timerfd core ...

[Thomas Gleixner]

On Sun, 2007-04-01 at 10:00 -0700, Davide Libenzi wrote:
> > For periodic timers we probably want to know also about missed ticks,
> > i.e. when the timer was delayed.
> > 
> > I changed recently the rearm handling code of itimers to prevent DoS
> > attacks. See commit 8bfd9a7a229b5f3d3eda5d7d45c2eebec5b4ba16. The posix
> > timer code has a similar mechanism.
> > 
> > Probably we should do the same here. That means that we defer the
> > restart of the timer to the process context.
> 
> But timerfd has that implicit, in the ticks counter. So if you get ticks > 1
> it means you did not read-out (miss) one or more.
> By re-arming the timer whenever you read it, that may be some time after 
> it expired. IMO the behaviour is better as it is now, and if you want the 
> new timer sequence start at a new timeframe, you just use timerfd with the 
> same fd.
> I do not know about DoS on timers (did not follow the thread), but I could 
> easily implement it here, by capping the counter to some value, and return 
> POLLERR in poll().
> I'd prefer that instead of the re-arm on read thing.

The DoS is simple: create a bunch of periodic timers with 10usec period.
This can be done by any user.

There is no inaccuracy when you rearm the timer on read: hrtimer_forward
takes care, that the period is accurate. It does not start the timer out
of the periodic order, i.e. on a different time frame.

Where is the win of keeping the timer running, when nobody cares about
the expiry at all ? It just generates interrupts and events for nothing.

	tglx




-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/