isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Set TCP_NODELAY on the socket used for intercept IPC to reduce latency.

Browse Source 
On some systems, Nagle's algorithm was delaying receipt of the data,
causing commands with intercept or log_subcmds to run slowly.
Related to Bug #1034.
This commit is contained in:
Todd C. Miller
2022-06-20 16:22:29 -06:00
parent b10201bdc4
commit 332a6afe77
2 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/exec_intercept.c
View File

@@ -25,6 +25,7 @@
#include <sys/socket.h> #include <sys/socket.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <netinet/tcp.h>
#if defined(HAVE_STDINT_H) #if defined(HAVE_STDINT_H)
# include <stdint.h> # include <stdint.h>
@@ -946,7 +947,7 @@ intercept_accept_cb(int fd, int what, void *v)
struct sudo_event_base *evbase = sudo_ev_get_base(&closure->ev); struct sudo_event_base *evbase = sudo_ev_get_base(&closure->ev);
struct sockaddr_in sin; struct sockaddr_in sin;
socklen_t sin_len = sizeof(sin); socklen_t sin_len = sizeof(sin);
int client_sock, flags; int client_sock, flags, on = 1;
debug_decl(intercept_accept_cb, SUDO_DEBUG_EXEC); debug_decl(intercept_accept_cb, SUDO_DEBUG_EXEC);
if (closure->state != RECV_CONNECTION) { if (closure->state != RECV_CONNECTION) {
@@ -967,6 +968,9 @@ intercept_accept_cb(int fd, int what, void *v)
if (flags != -1) if (flags != -1)
(void)fcntl(client_sock, F_SETFL, flags | O_NONBLOCK); (void)fcntl(client_sock, F_SETFL, flags | O_NONBLOCK);
/* Send data immediately, we need low latency IPC. */
(void)setsockopt(client_sock, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on));
/* /*
* Create a new intercept closure and register an event for client_sock. * Create a new intercept closure and register an event for client_sock.
*/ */

5
src/sudo_intercept_common.c
View File

@@ -26,6 +26,7 @@
#include <sys/types.h> #include <sys/types.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <netinet/tcp.h>
#if defined(HAVE_STDINT_H) #if defined(HAVE_STDINT_H)
# include <stdint.h> # include <stdint.h>
@@ -355,6 +356,7 @@ static int
intercept_connect(void) intercept_connect(void)
{ {
int sock = -1; int sock = -1;
int on = 1;
struct sockaddr_in sin; struct sockaddr_in sin;
debug_decl(command_allowed, SUDO_DEBUG_EXEC); debug_decl(command_allowed, SUDO_DEBUG_EXEC);
@@ -374,6 +376,9 @@ intercept_connect(void)
goto done; goto done;
} }
/* Send data immediately, we need low latency IPC. */
(void)setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on));
if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) == -1) { if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) == -1) {
sudo_warn("connect"); sudo_warn("connect");
close(sock); close(sock);