lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8beaf62e-6257-452d-904a-fec6b21c891e@kernel.org>
Date: Tue, 25 Feb 2025 11:48:23 +0100
From: Matthieu Baerts <matttbe@...nel.org>
To: Eric Dumazet <edumazet@...gle.com>
Cc: Paolo Abeni <pabeni@...hat.com>, Kuniyuki Iwashima <kuniyu@...zon.com>,
 Simon Horman <horms@...nel.org>, Florian Westphal <fw@...len.de>,
 netdev@...r.kernel.org, eric.dumazet@...il.com,
 Jakub Kicinski <kuba@...nel.org>, Yong-Hao Zou <yonghaoz1994@...il.com>,
 "David S . Miller" <davem@...emloft.net>,
 Neal Cardwell <ncardwell@...gle.com>
Subject: Re: [PATCH net-next] tcp: be less liberal in tsecr received while in
 SYN_RECV state

On 25/02/2025 11:42, Eric Dumazet wrote:
> On Tue, Feb 25, 2025 at 11:39 AM Eric Dumazet <edumazet@...gle.com> wrote:
>>
> 
>>
>> Yes, this would be it :
>>
>> diff --git a/net/ipv4/tcp_timer.c b/net/ipv4/tcp_timer.c
>> index 728bce01ccd3ddb1f374fa96b86434a415dbe2cb..3555567ba4fb1ccd5c5921e39d11ff08f1d0cafd
>> 100644
>> --- a/net/ipv4/tcp_timer.c
>> +++ b/net/ipv4/tcp_timer.c
>> @@ -477,8 +477,8 @@ static void tcp_fastopen_synack_timer(struct sock
>> *sk, struct request_sock *req)
>>          * regular retransmit because if the child socket has been accepted
>>          * it's not good to give up too easily.
>>          */
>> -       inet_rtx_syn_ack(sk, req);
>>         req->num_timeout++;
>> +       inet_rtx_syn_ack(sk, req);
>>         tcp_update_rto_stats(sk);
>>         if (!tp->retrans_stamp)
>>                 tp->retrans_stamp = tcp_time_stamp_ts(tp);
> 
> Obviously, I need to refine the patch and send a V2 later.

Sorry, I still have the issue with this modification. I also checked
with the previous patch, just to be sure, but the problem is still there
as well.

(In the v2, do you mind also removing the underscore from the MIB entry
name (TcpExtTSECR_Rejected) please? It looks like that's the only MIB
entry with an underscore.)

Cheers,
Matt
-- 
Sponsored by the NGI0 Core fund.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ