From owner-freebsd-bugs Mon Aug 12 15:10:14 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ED69C37B401 for ; Mon, 12 Aug 2002 15:10:05 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 820B843E75 for ; Mon, 12 Aug 2002 15:10:05 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g7CMA5JU028688 for ; Mon, 12 Aug 2002 15:10:05 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g7CMA4RG028686; Mon, 12 Aug 2002 15:10:04 -0700 (PDT) Date: Mon, 12 Aug 2002 15:10:04 -0700 (PDT) Message-Id: <200208122210.g7CMA4RG028686@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Bruce Evans Subject: Re: kern/41552: TCP timers' sysctl's overflow Reply-To: Bruce Evans Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The following reply was made to PR kern/41552; it has been noted by GNATS. From: Bruce Evans To: "G.P. de Boer" Cc: freebsd-gnats-submit@FreeBSD.ORG Subject: Re: kern/41552: TCP timers' sysctl's overflow Date: Tue, 13 Aug 2002 07:43:26 +1000 (EST) On Mon, 12 Aug 2002, G.P. de Boer wrote: [Garrett Wollman wrote] > > > When setting syscontrols like net.inet.tcp.keepidle on a system with > > > clocktick-granularity above 1000 Hz, there's an overflow triggered, > > > resulting in at least inaccurate, but sometimes negative TCP > > > timeouts. > > > >1 kHz timers are just barely within spec for TCP (using the 32-bit > >fields in RFC 1323). Um, that is for the TCP timers. I think these have nothing to do with HZ except that setting HZ to a large value breaks the scaling for them. > Anyway.. it's a integer overflow and it breaks stuff in nasty ways. It's > possible to DoS a host with malfunctioning keep-alives: I already had > more than 400 hanging connections (in LAST_ACK state) in a few days > on a moderately loaded server. The fix is there already, I just think it > should be in -RELEASE too. The overflow was fixed by jdp a couple of weeks ago in -current and RELENG_4. It is not fixed in any of the security branches. Do you want it there? I think the "fix" for most security bugs caused by unusual options is to not use unusual options. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message