| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e90fd3b5-037b-276a-f217-56da56354d8d@gmail.com>
Date: Fri, 27 Dec 2019 16:49:33 -0800
From: Eric Dumazet <eric.dumazet@...il.com>
To: Cambda Zhu <cambda@...ux.alibaba.com>,
Eric Dumazet <edumazet@...gle.com>
Cc: David Miller <davem@...emloft.net>,
Yuchung Cheng <ycheng@...gle.com>,
netdev <netdev@...r.kernel.org>,
Dust Li <dust.li@...ux.alibaba.com>
Subject: Re: [PATCH] tcp: Fix highest_sack and highest_sack_seq
On 12/27/19 12:52 AM, Cambda Zhu wrote:
> From commit 50895b9de1d3 ("tcp: highest_sack fix"), the logic about
> setting tp->highest_sack to the head of the send queue was removed.
> Of course the logic is error prone, but it is logical. Before we
> remove the pointer to the highest sack skb and use the seq instead,
> we need to set tp->highest_sack to NULL when there is no skb after
> the last sack, and then replace NULL with the real skb when new skb
> inserted into the rtx queue, because the NULL means the highest sack
> seq is tp->snd_nxt. If tp->highest_sack is NULL and new data sent,
> the next ACK with sack option will increase tp->reordering unexpectedly.
>
> This patch sets tp->highest_sack to the tail of the rtx queue if
> it's NULL and new data is sent. The patch keeps the rule that the
> highest_sack can only be maintained by sack processing, except for
> this only case.
>
> Fixes: 50895b9de1d3 ("tcp: highest_sack fix")
> Signed-off-by: Cambda Zhu <cambda@...ux.alibaba.com>
> ---
> net/ipv4/tcp_output.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
> index 1f7735ca8f22..58c92a7d671c 100644
> --- a/net/ipv4/tcp_output.c
> +++ b/net/ipv4/tcp_output.c
> @@ -72,6 +72,9 @@ static void tcp_event_new_data_sent(struct sock *sk, struct sk_buff *skb)
> __skb_unlink(skb, &sk->sk_write_queue);
> tcp_rbtree_insert(&sk->tcp_rtx_queue, skb);
>
> + if (tp->highest_sack == NULL)
> + tp->highest_sack = skb;
> +
> tp->packets_out += tcp_skb_pcount(skb);
> if (!prior_packets || icsk->icsk_pending == ICSK_TIME_LOSS_PROBE)
> tcp_rearm_rto(sk);
>
This patch seems to keep something in the fast path, even for flows never experiencing
sacks.
Why would we always painfully maintain tp->highest_sack to the left most skb in the rtx queue ?
Given that tcp_highest_sack_seq() has an explicit check about tp->highest_sack being NULL,
there is something I do not quite understand yet.
Why keeping this piece of code ?
if (tp->highest_sack == NULL)
return tp->snd_nxt;
Defensive programming should be replaced by better knowledge.
Can you provide more explanations, or maybe a packetdrill test ?
Maybe some other path (in slow path this time) misses a !tp->highest_sack test.
Thanks.
Powered by blists - more mailing lists