netdev - Re: [PATCH bpf-next 1/2] bpf: Adds support for setting window clamp

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Date:   Mon, 30 Nov 2020 17:34:03 -0800
From:   Alexei Starovoitov <alexei.starovoitov@...il.com>
To:     Prankur gupta <prankgup@...com>
Cc:     bpf <bpf@...r.kernel.org>, Kernel Team <kernel-team@...com>,
        Network Development <netdev@...r.kernel.org>
Subject: Re: [PATCH bpf-next 1/2] bpf: Adds support for setting window clamp

On Mon, Nov 30, 2020 at 4:07 PM Prankur gupta <prankgup@...com> wrote:
>
> Adds a new bpf_setsockopt for TCP sockets, TCP_BPF_WINDOW_CLAMP,
> which sets the maximum receiver window size. It will be useful for
> limiting receiver window based on RTT.
>
> Signed-off-by: Prankur gupta <prankgup@...com>
> ---
>  net/core/filter.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
>
> diff --git a/net/core/filter.c b/net/core/filter.c
> index 2ca5eecebacf..cb006962b677 100644
> --- a/net/core/filter.c
> +++ b/net/core/filter.c
> @@ -4910,6 +4910,14 @@ static int _bpf_setsockopt(struct sock *sk, int level, int optname,
>                                 tp->notsent_lowat = val;
>                                 sk->sk_write_space(sk);
>                                 break;
> +                       case TCP_WINDOW_CLAMP:
> +                               if (val <= 0)
> +                                       ret = -EINVAL;

Why zero is not allowed?
Normal setsockopt() allows it.

> +                               else
> +                                       tp->window_clamp =
> +                                               max_t(int, val,
> +                                                     SOCK_MIN_RCVBUF / 2);
> +                               break;
>                         default:
>                                 ret = -EINVAL;
>                         }
> --
> 2.24.1
>