On Sun, 2007-04-01 at 10:00 -0700, Davide Libenzi wrote:
> > For periodic timers we probably want to know also about missed ticks,
> > i.e. when the timer was delayed.
> >
> > I changed recently the rearm handling code of itimers to prevent DoS
> > attacks. See commit 8bfd9a7a229b5f3d3eda5d7d45c2eebec5b4ba16. The posix
> > timer code has a similar mechanism.
> >
> > Probably we should do the same here. That means that we defer the
> > restart of the timer to the process context.
>
> But timerfd has that implicit, in the ticks counter. So if you get ticks > 1
> it means you did not read-out (miss) one or more.
> By re-arming the timer whenever you read it, that may be some time after
> it expired. IMO the behaviour is better as it is now, and if you want the
> new timer sequence start at a new timeframe, you just use timerfd with the
> same fd.
> I do not know about DoS on timers (did not follow the thread), but I could
> easily implement it here, by capping the counter to some value, and return
> POLLERR in poll().
> I'd prefer that instead of the re-arm on read thing.
The DoS is simple: create a bunch of periodic timers with 10usec period.
This can be done by any user.
There is no inaccuracy when you rearm the timer on read: hrtimer_forward
takes care, that the period is accurate. It does not start the timer out
of the periodic order, i.e. on a different time frame.
Where is the win of keeping the timer running, when nobody cares about
the expiry at all ? It just generates interrupts and events for nothing.
tglx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
