diff options
| author | Eric Dumazet <edumazet@google.com> | 2015-10-14 09:16:49 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2015-10-14 22:06:32 -0400 |
| commit | f985c65c908f6b26c30019a83dc5ea295f5fcf62 (patch) | |
| tree | f16e00e81bc17fdf6b257b38a85c048d34faf692 | |
| parent | c2f34a65a61cd1ace3b53c93e8b38d2f79f4ff0d (diff) | |
tcp: avoid spurious SYN flood detection at listen() time
At listen() time, there is a small window where listener is visible with
a zero backlog, triggering a spurious "Possible SYN flooding on port"
message.
Nothing prevents us from setting the correct backlog.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | include/net/inet_connection_sock.h | 2 | ||||
| -rw-r--r-- | net/ipv4/inet_connection_sock.c | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/include/net/inet_connection_sock.h b/include/net/inet_connection_sock.h index 3208a65d1c28..fd645c49e71e 100644 --- a/include/net/inet_connection_sock.h +++ b/include/net/inet_connection_sock.h | |||
| @@ -312,7 +312,7 @@ static inline unsigned int inet_csk_listen_poll(const struct sock *sk) | |||
| 312 | (POLLIN | POLLRDNORM) : 0; | 312 | (POLLIN | POLLRDNORM) : 0; |
| 313 | } | 313 | } |
| 314 | 314 | ||
| 315 | int inet_csk_listen_start(struct sock *sk, const int nr_table_entries); | 315 | int inet_csk_listen_start(struct sock *sk, int backlog); |
| 316 | void inet_csk_listen_stop(struct sock *sk); | 316 | void inet_csk_listen_stop(struct sock *sk); |
| 317 | 317 | ||
| 318 | void inet_csk_addr2sockaddr(struct sock *sk, struct sockaddr *uaddr); | 318 | void inet_csk_addr2sockaddr(struct sock *sk, struct sockaddr *uaddr); |
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c index 514b9e910bd4..ba9ec9a0d0ce 100644 --- a/net/ipv4/inet_connection_sock.c +++ b/net/ipv4/inet_connection_sock.c | |||
| @@ -727,14 +727,14 @@ void inet_csk_prepare_forced_close(struct sock *sk) | |||
| 727 | } | 727 | } |
| 728 | EXPORT_SYMBOL(inet_csk_prepare_forced_close); | 728 | EXPORT_SYMBOL(inet_csk_prepare_forced_close); |
| 729 | 729 | ||
| 730 | int inet_csk_listen_start(struct sock *sk, const int nr_table_entries) | 730 | int inet_csk_listen_start(struct sock *sk, int backlog) |
| 731 | { | 731 | { |
| 732 | struct inet_connection_sock *icsk = inet_csk(sk); | 732 | struct inet_connection_sock *icsk = inet_csk(sk); |
| 733 | struct inet_sock *inet = inet_sk(sk); | 733 | struct inet_sock *inet = inet_sk(sk); |
| 734 | 734 | ||
| 735 | reqsk_queue_alloc(&icsk->icsk_accept_queue); | 735 | reqsk_queue_alloc(&icsk->icsk_accept_queue); |
| 736 | 736 | ||
| 737 | sk->sk_max_ack_backlog = 0; | 737 | sk->sk_max_ack_backlog = backlog; |
| 738 | sk->sk_ack_backlog = 0; | 738 | sk->sk_ack_backlog = 0; |
| 739 | inet_csk_delack_init(sk); | 739 | inet_csk_delack_init(sk); |
| 740 | 740 | ||