From bright@wintelcom.net Tue Jun 13 17:04:32 2000 Date: Tue, 13 Jun 2000 17:23:37 -0700 From: Alfred Perlstein To: hackers@freebsd.org Subject: big patch: rlimits, accept filters and kblob. Message-ID: <20000613172336.S18462@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i Status: RO Content-Length: 1856 Lines: 52 Hey guys, I have some patches here which implement a number of things. 1) fixes dangerous races in per-uid limiting code 2) 2 accept filters which will not mark a socket as completed for accept() until either: 1) there is data available to be read 2) there is an http request in the socketbuffer 3) kblob, a kernel hack for preloading data into the kernel to send out on multiple descriptors, very similar to sendfile but more lightweight and pretty useful for serving many small chunks of data over stream sockets. I'd really like to commit this stuff pretty soon after i polish it up just a bit more... but I'd like some guidance for the polishing part. Here's some implementation details about kblob: A pointer to an address and a length is given to a syscall which creates a file referernce as a kblob. Then there is kblobsend which works in the same manner as sendfile except that instead of a vnode it expects a kblob fd. I know the conerns about users exahusting KVM via kblobs, and I'd like some feedback, some options come to mind: 1) kblobs not in the default kernel (don't like this) 2) kblobs limited via a sysctl for max per uid. 3) default entries in /etc/login.conf for 0. I've already implemented rlimits so #3 seems pretty attractive. You can grab the code at: http://people.freebsd.org/~alfred/kblob/kblob.diff to be applied via 'patch' from /usr/src and: http://people.freebsd.org/~alfred/kblob/kern_blob.c which needs to go into src/sys/kern you also need "options KBLOB" in your kernel config. Engineers at Yahoo provided the http accept filter and my delayed accept filter is a stripped down version of it, really cool stuff! Questions, comments, suggestions, flames? Manpages will be written up and patched soon after commit. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message