diff options
author | Jeff Layton <jlayton@redhat.com> | 2008-10-20 11:51:57 -0400 |
---|---|---|
committer | J. Bruce Fields <bfields@citi.umich.edu> | 2009-01-06 11:53:47 -0500 |
commit | c9233eb7b0b11ef176d4bf68da2ce85464b6ec39 (patch) | |
tree | 22f9f999e0d48a5f3aae6b32f9ff702eb4db05cc /include/linux/sunrpc/svc.h | |
parent | 548eaca46b3cf4419b6c2be839a106d8641ffb70 (diff) |
sunrpc: add sv_maxconn field to svc_serv (try #3)
svc_check_conn_limits() attempts to prevent denial of service attacks
by having the service close old connections once it reaches a
threshold. This threshold is based on the number of threads in the
service:
(serv->sv_nrthreads + 3) * 20
Once we reach this, we drop the oldest connections and a printk pops
to warn the admin that they should increase the number of threads.
Increasing the number of threads isn't an option however for services
like lockd. We don't want to eliminate this check entirely for such
services but we need some way to increase this limit.
This patch adds a sv_maxconn field to the svc_serv struct. When it's
set to 0, we use the current method to calculate the max number of
connections. RPC services can then set this on an as-needed basis.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Neil Brown <neilb@suse.de>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Diffstat (limited to 'include/linux/sunrpc/svc.h')
-rw-r--r-- | include/linux/sunrpc/svc.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/include/linux/sunrpc/svc.h b/include/linux/sunrpc/svc.h index 3afe7fb403b2..3435d24bfe55 100644 --- a/include/linux/sunrpc/svc.h +++ b/include/linux/sunrpc/svc.h | |||
@@ -58,10 +58,13 @@ struct svc_serv { | |||
58 | struct svc_stat * sv_stats; /* RPC statistics */ | 58 | struct svc_stat * sv_stats; /* RPC statistics */ |
59 | spinlock_t sv_lock; | 59 | spinlock_t sv_lock; |
60 | unsigned int sv_nrthreads; /* # of server threads */ | 60 | unsigned int sv_nrthreads; /* # of server threads */ |
61 | unsigned int sv_maxconn; /* max connections allowed or | ||
62 | * '0' causing max to be based | ||
63 | * on number of threads. */ | ||
64 | |||
61 | unsigned int sv_max_payload; /* datagram payload size */ | 65 | unsigned int sv_max_payload; /* datagram payload size */ |
62 | unsigned int sv_max_mesg; /* max_payload + 1 page for overheads */ | 66 | unsigned int sv_max_mesg; /* max_payload + 1 page for overheads */ |
63 | unsigned int sv_xdrsize; /* XDR buffer size */ | 67 | unsigned int sv_xdrsize; /* XDR buffer size */ |
64 | |||
65 | struct list_head sv_permsocks; /* all permanent sockets */ | 68 | struct list_head sv_permsocks; /* all permanent sockets */ |
66 | struct list_head sv_tempsocks; /* all temporary sockets */ | 69 | struct list_head sv_tempsocks; /* all temporary sockets */ |
67 | int sv_tmpcnt; /* count of temporary sockets */ | 70 | int sv_tmpcnt; /* count of temporary sockets */ |