[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id:
<170191862414.7525.5415234550799392597.git-patchwork-notify@kernel.org>
Date: Thu, 07 Dec 2023 03:10:24 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Eric Dumazet <edumazet@...gle.com>
Cc: davem@...emloft.net, kuba@...nel.org, pabeni@...hat.com,
ncardwell@...gle.com, ycheng@...gle.com, soheil@...gle.com,
netdev@...r.kernel.org, eric.dumazet@...il.com, yepeng.pan@...pa.de,
rossow@...pa.de
Subject: Re: [PATCH net] tcp: do not accept ACK of bytes we never sent
Hello:
This patch was applied to netdev/net.git (main)
by Jakub Kicinski <kuba@...nel.org>:
On Tue, 5 Dec 2023 16:18:41 +0000 you wrote:
> This patch is based on a detailed report and ideas from Yepeng Pan
> and Christian Rossow.
>
> ACK seq validation is currently following RFC 5961 5.2 guidelines:
>
> The ACK value is considered acceptable only if
> it is in the range of ((SND.UNA - MAX.SND.WND) <= SEG.ACK <=
> SND.NXT). All incoming segments whose ACK value doesn't satisfy the
> above condition MUST be discarded and an ACK sent back. It needs to
> be noted that RFC 793 on page 72 (fifth check) says: "If the ACK is a
> duplicate (SEG.ACK < SND.UNA), it can be ignored. If the ACK
> acknowledges something not yet sent (SEG.ACK > SND.NXT) then send an
> ACK, drop the segment, and return". The "ignored" above implies that
> the processing of the incoming data segment continues, which means
> the ACK value is treated as acceptable. This mitigation makes the
> ACK check more stringent since any ACK < SND.UNA wouldn't be
> accepted, instead only ACKs that are in the range ((SND.UNA -
> MAX.SND.WND) <= SEG.ACK <= SND.NXT) get through.
>
> [...]
Here is the summary with links:
- [net] tcp: do not accept ACK of bytes we never sent
https://git.kernel.org/netdev/net/c/3d501dd326fb
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
Powered by blists - more mailing lists