| commit | 669882388f320d92169ed8a58780ab67000ec1ac | |
| author | Henrique de Moraes Holschuh <hmh@hmh.eng.br> | |
| Sun, 3 May 2009 01:21:06 +0000 (2 22:21 -0300) | ||
| committer | Henrique de Moraes Holschuh <hmh@hmh.eng.br> | |
| Sun, 3 May 2009 01:21:06 +0000 (2 22:21 -0300) | ||
| tree | a6fc4548a814aec016f337b0ace9aff5f05f623f | treesnapshot (tar.gz zip) |
| parent | 3bf32dc1a21e090b5383283da0ce3b36c05be19c | commitdiff |
rfkill: rate-limit rfkill-input workqueue usage (v3)
Limit the number of "expensive" rfkill workqueue operations per second, in
order to not hog system resources too much when faced with a rogue source
of rfkill input events.
The old rfkill-input code (before it was refactored) had such a limit in
place. It used to drop new events that were past the rate limit. This
behaviour was not implemented as an anti-DoS measure, but rather as an
attempt to work around deficiencies in input device drivers which would
issue multiple KEY_FOO events too soon for a given key FOO (i.e. ones that
do not implement mechanical debouncing properly).
However, we can't really expect such issues to be worked around by every
input handler out there, and also by every userspace client of input
devices. It is the input device driver's responsability to do debouncing
instead of spamming the input layer with bogus events.
The new limiter code is focused only on anti-DoS behaviour, and tries to
not lose events (instead, it coalesces them when possible).
The transmitters are updated once every 200ms, maximum. Care is taken not
to delay a request to _enter_ rfkill transmitter Emergency Power Off (EPO)
mode.
If mistriggered (e.g. by a jiffies counter wrap), the code delays processing
*once* by 200ms.
Signed-off-by: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
Cc: Ivo van Doorn <IvDoorn@gmail.com>
Cc: Dmitry Torokhov <dtor@mail.ru>
Limit the number of "expensive" rfkill workqueue operations per second, in
order to not hog system resources too much when faced with a rogue source
of rfkill input events.
The old rfkill-input code (before it was refactored) had such a limit in
place. It used to drop new events that were past the rate limit. This
behaviour was not implemented as an anti-DoS measure, but rather as an
attempt to work around deficiencies in input device drivers which would
issue multiple KEY_FOO events too soon for a given key FOO (i.e. ones that
do not implement mechanical debouncing properly).
However, we can't really expect such issues to be worked around by every
input handler out there, and also by every userspace client of input
devices. It is the input device driver's responsability to do debouncing
instead of spamming the input layer with bogus events.
The new limiter code is focused only on anti-DoS behaviour, and tries to
not lose events (instead, it coalesces them when possible).
The transmitters are updated once every 200ms, maximum. Care is taken not
to delay a request to _enter_ rfkill transmitter Emergency Power Off (EPO)
mode.
If mistriggered (e.g. by a jiffies counter wrap), the code delays processing
*once* by 200ms.
Signed-off-by: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
Cc: Ivo van Doorn <IvDoorn@gmail.com>
Cc: Dmitry Torokhov <dtor@mail.ru>
| net/rfkill/rfkill-input.c | diffblobblamehistory |