| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 4 Sep 2018 00:23:32 -0700
From: Eric Dumazet <eric.dumazet@...il.com>
To: Ttttabcd <ttttabcd@...tonmail.com>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: Re: Why not use all the syn queues? in the function
"tcp_conn_request", I have some questions.
On 09/03/2018 10:31 PM, Ttttabcd wrote:
> Hello everyone,recently I am looking at the source code for handling TCP three-way handshake(Linux Kernel version 4.18.5).
>
> I found some strange places in the source code for handling syn messages.
>
> in the function "tcp_conn_request"
>
> This code will be executed when we don't enable the syn cookies.
>
> if (!net->ipv4.sysctl_tcp_syncookies &&
> (net->ipv4.sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
> (net->ipv4.sysctl_max_syn_backlog >> 2)) &&
> !tcp_peer_is_proven(req, dst)) {
> /* Without syncookies last quarter of
> * backlog is filled with destinations,
> * proven to be alive.
> * It means that we continue to communicate
> * to destinations, already remembered
> * to the moment of synflood.
> */
> pr_drop_req(req, ntohs(tcp_hdr(skb)->source),
> rsk_ops->family);
> goto drop_and_release;
> }
>
> But why don't we use all the syn queues?
Isn't it explained in the comment ?
Anyway, I am not sure anyone disables syn cookies.
Powered by blists - more mailing lists