git: tcp/sack: Cleanup the SACK related bits when return from tcp_input slow path

Sepherosa Ziehau sephe at crater.dragonflybsd.org
Tue Apr 10 18:44:36 PDT 2012


commit d58ca578df67fe1215272bb28a52225b231314fd
Author: Sepherosa Ziehau <sephe at dragonflybsd.org>
Date:   Fri Apr 6 09:47:36 2012 +0800

    tcp/sack: Cleanup the SACK related bits when return from tcp_input slow path
    
    When the code path that could generate the invalid SACK block on out-of-order
    FIN segment was walked through, it turned out that some SACK related bits
    could be leftover from the previous input segment, e.g. SACKLEFT.
    
    Since the observed invalid SACK option contains only one SACK block and the
    block's right edge is same as its left edge, the code which can generate that
    SACK block could be run only if SACKLEFT is turned on and reportblk's start
    and end are same.
    - If SACKLEFT is on then reportblk's start and end must not be same, so the
      SACKLEFT is leftover from the previous input segment.
    - If KASSERTs about the clearance of the SACK bits are added immediately
      before returning from the tcp_input slow path, the KASSERTs could fail due
      to SACKLEFT are still on.
    
    Obviously the SACK related bits are never intended to be inheritted from one
    input segment to another input segment, so we just clear them before returning
    from the tcp_input slow path.

Summary of changes:
 sys/netinet/tcp_input.c |    6 ++++++
 sys/netinet/tcp_sack.c  |   10 ++++++++++
 sys/netinet/tcp_var.h   |    1 +
 3 files changed, 17 insertions(+), 0 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d58ca578df67fe1215272bb28a52225b231314fd


-- 
DragonFly BSD source repository





More information about the Commits mailing list