lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250509211820.36880-9-chia-yu.chang@nokia-bell-labs.com> Date: Fri, 9 May 2025 23:18:13 +0200 From: chia-yu.chang@...ia-bell-labs.com To: horms@...nel.org, dsahern@...nel.org, kuniyu@...zon.com, bpf@...r.kernel.org, netdev@...r.kernel.org, dave.taht@...il.com, pabeni@...hat.com, jhs@...atatu.com, kuba@...nel.org, stephen@...workplumber.org, xiyou.wangcong@...il.com, jiri@...nulli.us, davem@...emloft.net, edumazet@...gle.com, andrew+netdev@...n.ch, donald.hunter@...il.com, ast@...erby.net, liuhangbin@...il.com, shuah@...nel.org, linux-kselftest@...r.kernel.org, ij@...nel.org, ncardwell@...gle.com, koen.de_schepper@...ia-bell-labs.com, g.white@...lelabs.com, ingemar.s.johansson@...csson.com, mirja.kuehlewind@...csson.com, cheshire@...le.com, rs.ietf@....at, Jason_Livingood@...cast.com, vidhi_goel@...le.com Cc: Chia-Yu Chang <chia-yu.chang@...ia-bell-labs.com> Subject: [PATCH v6 net-next 08/15] tcp: sack option handling improvements From: Ilpo Järvinen <ij@...nel.org> 1) Don't early return when sack doesn't fit. AccECN code will be placed after this fragment so no early returns please. 2) Make sure opts->num_sack_blocks is not left undefined. E.g., tcp_current_mss() does not memset its opts struct to zero. AccECN code checks if SACK option is present and may even alter it to make room for AccECN option when many SACK blocks are present. Thus, num_sack_blocks needs to be always valid. Signed-off-by: Ilpo Järvinen <ij@...nel.org> Signed-off-by: Chia-Yu Chang <chia-yu.chang@...ia-bell-labs.com> --- net/ipv4/tcp_output.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index b4eac0725682..f2ce46476c41 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -1091,17 +1091,18 @@ static unsigned int tcp_established_options(struct sock *sk, struct sk_buff *skb eff_sacks = tp->rx_opt.num_sacks + tp->rx_opt.dsack; if (unlikely(eff_sacks)) { const unsigned int remaining = MAX_TCP_OPTION_SPACE - size; - if (unlikely(remaining < TCPOLEN_SACK_BASE_ALIGNED + - TCPOLEN_SACK_PERBLOCK)) - return size; - - opts->num_sack_blocks = - min_t(unsigned int, eff_sacks, - (remaining - TCPOLEN_SACK_BASE_ALIGNED) / - TCPOLEN_SACK_PERBLOCK); - - size += TCPOLEN_SACK_BASE_ALIGNED + - opts->num_sack_blocks * TCPOLEN_SACK_PERBLOCK; + if (likely(remaining >= TCPOLEN_SACK_BASE_ALIGNED + + TCPOLEN_SACK_PERBLOCK)) { + opts->num_sack_blocks = + min_t(unsigned int, eff_sacks, + (remaining - TCPOLEN_SACK_BASE_ALIGNED) / + TCPOLEN_SACK_PERBLOCK); + + size += TCPOLEN_SACK_BASE_ALIGNED + + opts->num_sack_blocks * TCPOLEN_SACK_PERBLOCK; + } + } else { + opts->num_sack_blocks = 0; } if (unlikely(BPF_SOCK_OPS_TEST_FLAG(tp, -- 2.34.1
Powered by blists - more mailing lists