lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CANn89i+ZVR_qvYE3F+ogyhEKX0KjiW3vQx0R1V9GHNxm+EHt0g@mail.gmail.com>
Date: Thu, 26 Jun 2025 02:31:10 -0700
From: Eric Dumazet <edumazet@...gle.com>
To: "xin.guo" <guoxin0309@...il.com>
Cc: ncardwell@...gle.com, davem@...emloft.net, dsahern@...nel.org, 
	kuba@...nel.org, pabeni@...hat.com, netdev@...r.kernel.org
Subject: Re: [PATCH net-next v1] tcp: fix tcp_ofo_queue() to avoid including
 too much DUP SACK range

On Wed, Jun 25, 2025 at 9:03 AM Eric Dumazet <edumazet@...gle.com> wrote:
>
> On Wed, Jun 25, 2025 at 8:37 AM xin.guo <guoxin0309@...il.com> wrote:
> >
> > If the new coming segment covers more than one skbs in the ofo queue,
> > and which seq is equal to rcv_nxt , then the sequence range
> > that is not duplicated will be sent as DUP SACK,  the detail as below,
> > in step6, the {501,2001} range is clearly including too much
> > DUP SACK range:
> > 1. client.43629 > server.8080: Flags [.], seq 501:1001, ack 1325288529,
> > win 20000, length 500: HTTP
> > 2. server.8080 > client.43629: Flags [.], ack 1, win 65535, options
> > [nop,nop,TS val 269383721 ecr 200,nop,nop,sack 1 {501:1001}], length 0
> > 3. Iclient.43629 > server.8080: Flags [.], seq 1501:2001,
> > ack 1325288529, win 20000, length 500: HTTP
> > 4. server.8080 > client.43629: Flags [.], ack 1, win 65535, options
> > [nop,nop,TS val 269383721 ecr 200,nop,nop,sack 2 {1501:2001}
> > {501:1001}], length 0
> > 5. client.43629 > server.8080: Flags [.], seq 1:2001,
> > ack 1325288529, win 20000, length 2000: HTTP
> > 6. server.8080 > client.43629: Flags [.], ack 2001, win 65535,
> > options [nop,nop,TS val 269383722 ecr 200,nop,nop,sack 1 {501:2001}],
> > length 0
> >
> > After this fix, the step6 is as below:
> > 6. server.8080 > client.43629: Flags [.], ack 2001, win 65535,
> > options [nop,nop,TS val 269383722 ecr 200,nop,nop,sack 1 {501:1001}],
> > length 0
>
> I am not convinced this is the expected output ?
>
> If this is a DUP SACK, it should be :
>
> Flags [.], ack 2001, win 65535, ... sack 2 {1501:2001} {501:1001} ....
>
>

>
> At a first glance, bug is in tcp_dsack_extend()

After more thoughts and RFC 2883 read, I think your patch is correct.

I will include it in a series with two packetdrill tests, and another fix.
I will add appropriate Fixes: tag

Thanks !

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ