Le mardi 13 avril 2010 à 20:39 +0300, Michael S. Tsirkin a écrit : > > When a socket with inflight tx packets is closed, we dont block the > > close, we only delay the socket freeing once all packets were delivered > > and freed. > > > > Which is wrong, since this is under userspace control, so you get > unkillable processes. >
We do not get unkillable processes, at least with sockets I was thinking about (TCP/UDP ones). Maybe tun sockets can behave the same ? Herbert Acked your patch, so I guess its OK, but I think it can be dangerous. Anyway my feeling is that we try to add various mechanisms to keep a hostile user flooding another one. For example, UDP got memory accounting quite recently, and we added socket backlog limits very recently. It was considered not needed few years ago.
