Eric Dumazet says:
====================
net/packet: better behavior under DDOS
Using tcpdump (or other af_packet user) on a busy host can lead to
catastrophic consequences, because suddenly, potentially all cpus
are spinning on a contended spinlock.
Both packet_rcv() and tpacket_rcv() grab the spinlock
to eventually find there is no room for an additional packet.
This patch series align packet_rcv() and tpacket_rcv() to both
check if the queue is full before grabbing the spinlock.
If the queue is full, they both increment a new atomic counter
placed on a separate cache line to let readers drain the queue faster.
There is still false sharing on this new atomic counter,
we might in the future make it per cpu if there is interest.
====================
Acked-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
projects / platform / kernel / linux-rpi.git / commitdiff