lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 02 Mar 2015 17:29:56 +0800 From: Fan Du <fengyuleidian0615@...il.com> To: John Heffner <johnwheffner@...il.com> CC: Fan Du <fan.du@...el.com>, edumazet@...gle.com, David Miller <davem@...emloft.net>, Netdev <netdev@...r.kernel.org> Subject: Re: [PATCHv3 net-next 3/4] ipv4: shrink current mss for tcp PMTU blackhole detection 于 2015年03月01日 07:39, John Heffner 写道: > On Fri, Feb 27, 2015 at 10:23 PM, Fan Du<fan.du@...el.com> wrote: >> >Reducing current tcp mss instead of search_low will make >> >more sense, as current tcp mss still got lost. >> >@@ -113,7 +114,8 @@ static void tcp_mtu_probing(struct inet_connection_sock *icsk, struct sock *sk) >> > struct tcp_sock *tp = tcp_sk(sk); >> > int mss; >> > >> >- mss = tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_low) >> 1; >> >+ /* try mss smaller than current mss */ >> >+ mss = tcp_current_mss(sk) >> 1; >> > mss = min(net->ipv4.sysctl_tcp_base_mss, mss); >> > mss = max(mss, 68 - tp->tcp_header_len); >> > icsk->icsk_mtup.search_low = tcp_mss_to_mtu(sk, mss); >> >@@ -176,7 +178,7 @@ static int tcp_write_timeout(struct sock *sk) > I don't believe there's a problem with the code as written. Modulo > headers, search_low <= mss =< search_high. This code, on successive > timeouts, widens the search range by adjusting search_low (and mss) > downward. With original approach(doubling mss), mss is not in between search_low and search_high, it always equates search_low(subtract headers), the potential mss in case of blackhole is 256 and 128, after doubling, it will become 512 and 256 eventually no matter how route changes, even mtu reduced from 1500 to 1100 in intermediate node. After using binary search, halve search_low will make search window left boundary expending in a slower manner, as a result the limit of mss is search_high/2, because search_high does not change. Timeout indicates search_high should be set to the new mtu corresponding to current_mss no matter how we change search_low. So the best shot here IMO would be updating search_high with current_mss, which in return makes the search window *slide* from right to left, and the probing will converge in good speed eventually. So my thoughts is: @@ -113,6 +113,7 @@ static void tcp_mtu_probing(struct inet_connection_sock *icsk, struct sock *sk) struct tcp_sock *tp = tcp_sk(sk); int mss; + icsk_mtup.search_high = tcp_mss_to_mtu(sk, tcp_current_mss(sk)); mss = tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_low) >> 1; mss = min(net->ipv4.sysctl_tcp_base_mss, mss); mss = max(mss, 68 - tp->tcp_header_len); -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists