Revision 72cd43ba64fc172a443410ce01645895850844c8 authored by Eric Dumazet on 23 July 2018, 16:28:17 UTC, committed by David S. Miller on 23 July 2018, 19:01:36 UTC
Juha-Matti Tilli reported that malicious peers could inject tiny packets in out_of_order_queue, forcing very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet. out_of_order_queue rb-tree can contain thousands of nodes, iterating over all of them is not nice. Before linux-4.9, we would have pruned all packets in ofo_queue in one go, every XXXX packets. XXXX depends on sk_rcvbuf and skbs truesize, but is about 7000 packets with tcp_rmem[2] default of 6 MB. Since we plan to increase tcp_rmem[2] in the future to cope with modern BDP, can not revert to the old behavior, without great pain. Strategy taken in this patch is to purge ~12.5 % of the queue capacity. Fixes: 36a6503fedda ("tcp: refine tcp_prune_ofo_queue() to not drop all packets") Signed-off-by: Eric Dumazet <edumazet@google.com> Reported-by: Juha-Matti Tilli <juha-matti.tilli@iki.fi> Acked-by: Yuchung Cheng <ycheng@google.com> Acked-by: Soheil Hassas Yeganeh <soheil@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
1 parent 3dd1c9a
File | Mode | Size |
---|---|---|
apparmor | ||
integrity | ||
keys | ||
loadpin | ||
selinux | ||
smack | ||
tomoyo | ||
yama | ||
Kconfig | -rw-r--r-- | 9.8 KB |
Makefile | -rw-r--r-- | 1.0 KB |
commoncap.c | -rw-r--r-- | 39.1 KB |
device_cgroup.c | -rw-r--r-- | 20.4 KB |
inode.c | -rw-r--r-- | 10.5 KB |
lsm_audit.c | -rw-r--r-- | 10.6 KB |
min_addr.c | -rw-r--r-- | 1.3 KB |
security.c | -rw-r--r-- | 44.7 KB |
Computing file changes ...