| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180329112009.1379-1-cugyly@163.com>
Date: Thu, 29 Mar 2018 19:20:09 +0800
From: yuan linyu <cugyly@....com>
To: netdev@...r.kernel.org
Cc: "David S . Miller" <davem@...emloft.net>,
yuan linyu <Linyu.Yuan@...atel-sbell.com.cn>
Subject: [PATCH net-next] net: tcp: update mib LISTENOVERFLOWS if syn flood
From: yuan linyu <Linyu.Yuan@...atel-sbell.com.cn>
it's better to update mib LISTENOVERFLOWS even if packet is flood
Signed-off-by: yuan linyu <Linyu.Yuan@...atel-sbell.com.cn>
---
net/ipv4/tcp_input.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 451ef3012636..581f5b03ae54 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -6220,6 +6220,7 @@ int tcp_conn_request(struct request_sock_ops *rsk_ops,
struct sock *fastopen_sk = NULL;
struct request_sock *req;
bool want_cookie = false;
+ bool want_drop = false;
struct dst_entry *dst;
struct flowi fl;
@@ -6231,14 +6232,17 @@ int tcp_conn_request(struct request_sock_ops *rsk_ops,
inet_csk_reqsk_queue_is_full(sk)) && !isn) {
want_cookie = tcp_syn_flood_action(sk, skb, rsk_ops->slab_name);
if (!want_cookie)
- goto drop;
+ want_drop = true;
}
if (sk_acceptq_is_full(sk)) {
NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
- goto drop;
+ want_drop = true;
}
+ if (want_drop)
+ goto drop;
+
req = inet_reqsk_alloc(rsk_ops, sk, !want_cookie);
if (!req)
goto drop;
--
2.14.1
Powered by blists - more mailing lists