aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4/tcp_ipv4.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/ipv4/tcp_ipv4.c')
-rw-r--r--net/ipv4/tcp_ipv4.c32
1 files changed, 16 insertions, 16 deletions
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index b299da5ff499..b14266bb91eb 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -821,8 +821,7 @@ static void tcp_v4_reqsk_send_ack(struct sock *sk, struct sk_buff *skb,
821 */ 821 */
822static int tcp_v4_send_synack(struct sock *sk, struct dst_entry *dst, 822static int tcp_v4_send_synack(struct sock *sk, struct dst_entry *dst,
823 struct request_sock *req, 823 struct request_sock *req,
824 u16 queue_mapping, 824 u16 queue_mapping)
825 bool nocache)
826{ 825{
827 const struct inet_request_sock *ireq = inet_rsk(req); 826 const struct inet_request_sock *ireq = inet_rsk(req);
828 struct flowi4 fl4; 827 struct flowi4 fl4;
@@ -852,7 +851,7 @@ static int tcp_v4_send_synack(struct sock *sk, struct dst_entry *dst,
852 851
853static int tcp_v4_rtx_synack(struct sock *sk, struct request_sock *req) 852static int tcp_v4_rtx_synack(struct sock *sk, struct request_sock *req)
854{ 853{
855 int res = tcp_v4_send_synack(sk, NULL, req, 0, false); 854 int res = tcp_v4_send_synack(sk, NULL, req, 0);
856 855
857 if (!res) 856 if (!res)
858 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS); 857 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
@@ -890,7 +889,7 @@ bool tcp_syn_flood_action(struct sock *sk,
890 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPREQQFULLDROP); 889 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPREQQFULLDROP);
891 890
892 lopt = inet_csk(sk)->icsk_accept_queue.listen_opt; 891 lopt = inet_csk(sk)->icsk_accept_queue.listen_opt;
893 if (!lopt->synflood_warned) { 892 if (!lopt->synflood_warned && sysctl_tcp_syncookies != 2) {
894 lopt->synflood_warned = 1; 893 lopt->synflood_warned = 1;
895 pr_info("%s: Possible SYN flooding on port %d. %s. Check SNMP counters.\n", 894 pr_info("%s: Possible SYN flooding on port %d. %s. Check SNMP counters.\n",
896 proto, ntohs(tcp_hdr(skb)->dest), msg); 895 proto, ntohs(tcp_hdr(skb)->dest), msg);
@@ -1316,9 +1315,11 @@ static bool tcp_fastopen_check(struct sock *sk, struct sk_buff *skb,
1316 tcp_rsk(req)->rcv_nxt = TCP_SKB_CB(skb)->end_seq; 1315 tcp_rsk(req)->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
1317 return true; 1316 return true;
1318 } 1317 }
1318
1319 if (foc->len == TCP_FASTOPEN_COOKIE_SIZE) { 1319 if (foc->len == TCP_FASTOPEN_COOKIE_SIZE) {
1320 if ((sysctl_tcp_fastopen & TFO_SERVER_COOKIE_NOT_CHKED) == 0) { 1320 if ((sysctl_tcp_fastopen & TFO_SERVER_COOKIE_NOT_CHKED) == 0) {
1321 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr, valid_foc); 1321 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr,
1322 ip_hdr(skb)->daddr, valid_foc);
1322 if ((valid_foc->len != TCP_FASTOPEN_COOKIE_SIZE) || 1323 if ((valid_foc->len != TCP_FASTOPEN_COOKIE_SIZE) ||
1323 memcmp(&foc->val[0], &valid_foc->val[0], 1324 memcmp(&foc->val[0], &valid_foc->val[0],
1324 TCP_FASTOPEN_COOKIE_SIZE) != 0) 1325 TCP_FASTOPEN_COOKIE_SIZE) != 0)
@@ -1329,14 +1330,16 @@ static bool tcp_fastopen_check(struct sock *sk, struct sk_buff *skb,
1329 tcp_rsk(req)->rcv_nxt = TCP_SKB_CB(skb)->end_seq; 1330 tcp_rsk(req)->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
1330 return true; 1331 return true;
1331 } else if (foc->len == 0) { /* Client requesting a cookie */ 1332 } else if (foc->len == 0) { /* Client requesting a cookie */
1332 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr, valid_foc); 1333 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr,
1334 ip_hdr(skb)->daddr, valid_foc);
1333 NET_INC_STATS_BH(sock_net(sk), 1335 NET_INC_STATS_BH(sock_net(sk),
1334 LINUX_MIB_TCPFASTOPENCOOKIEREQD); 1336 LINUX_MIB_TCPFASTOPENCOOKIEREQD);
1335 } else { 1337 } else {
1336 /* Client sent a cookie with wrong size. Treat it 1338 /* Client sent a cookie with wrong size. Treat it
1337 * the same as invalid and return a valid one. 1339 * the same as invalid and return a valid one.
1338 */ 1340 */
1339 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr, valid_foc); 1341 tcp_fastopen_cookie_gen(ip_hdr(skb)->saddr,
1342 ip_hdr(skb)->daddr, valid_foc);
1340 } 1343 }
1341 return false; 1344 return false;
1342} 1345}
@@ -1462,7 +1465,8 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1462 * limitations, they conserve resources and peer is 1465 * limitations, they conserve resources and peer is
1463 * evidently real one. 1466 * evidently real one.
1464 */ 1467 */
1465 if (inet_csk_reqsk_queue_is_full(sk) && !isn) { 1468 if ((sysctl_tcp_syncookies == 2 ||
1469 inet_csk_reqsk_queue_is_full(sk)) && !isn) {
1466 want_cookie = tcp_syn_flood_action(sk, skb, "TCP"); 1470 want_cookie = tcp_syn_flood_action(sk, skb, "TCP");
1467 if (!want_cookie) 1471 if (!want_cookie)
1468 goto drop; 1472 goto drop;
@@ -1671,8 +1675,6 @@ struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1671 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss; 1675 newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
1672 1676
1673 tcp_initialize_rcv_mss(newsk); 1677 tcp_initialize_rcv_mss(newsk);
1674 tcp_synack_rtt_meas(newsk, req);
1675 newtp->total_retrans = req->num_retrans;
1676 1678
1677#ifdef CONFIG_TCP_MD5SIG 1679#ifdef CONFIG_TCP_MD5SIG
1678 /* Copy over the MD5 key from the original socket */ 1680 /* Copy over the MD5 key from the original socket */
@@ -1797,10 +1799,7 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
1797 sk->sk_rx_dst = NULL; 1799 sk->sk_rx_dst = NULL;
1798 } 1800 }
1799 } 1801 }
1800 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len)) { 1802 tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len);
1801 rsk = sk;
1802 goto reset;
1803 }
1804 return 0; 1803 return 0;
1805 } 1804 }
1806 1805
@@ -2605,7 +2604,7 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req,
2605 long delta = req->expires - jiffies; 2604 long delta = req->expires - jiffies;
2606 2605
2607 seq_printf(f, "%4d: %08X:%04X %08X:%04X" 2606 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2608 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %pK%n", 2607 " %02X %08X:%08X %02X:%08lX %08X %5u %8d %u %d %pK%n",
2609 i, 2608 i,
2610 ireq->loc_addr, 2609 ireq->loc_addr,
2611 ntohs(inet_sk(sk)->inet_sport), 2610 ntohs(inet_sk(sk)->inet_sport),
@@ -2663,7 +2662,7 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
2663 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0); 2662 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
2664 2663
2665 seq_printf(f, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX " 2664 seq_printf(f, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
2666 "%08X %5d %8d %lu %d %pK %lu %lu %u %u %d%n", 2665 "%08X %5u %8d %lu %d %pK %lu %lu %u %u %d%n",
2667 i, src, srcp, dest, destp, sk->sk_state, 2666 i, src, srcp, dest, destp, sk->sk_state,
2668 tp->write_seq - tp->snd_una, 2667 tp->write_seq - tp->snd_una,
2669 rx_queue, 2668 rx_queue,
@@ -2802,6 +2801,7 @@ struct proto tcp_prot = {
2802 .unhash = inet_unhash, 2801 .unhash = inet_unhash,
2803 .get_port = inet_csk_get_port, 2802 .get_port = inet_csk_get_port,
2804 .enter_memory_pressure = tcp_enter_memory_pressure, 2803 .enter_memory_pressure = tcp_enter_memory_pressure,
2804 .stream_memory_free = tcp_stream_memory_free,
2805 .sockets_allocated = &tcp_sockets_allocated, 2805 .sockets_allocated = &tcp_sockets_allocated,
2806 .orphan_count = &tcp_orphan_count, 2806 .orphan_count = &tcp_orphan_count,
2807 .memory_allocated = &tcp_memory_allocated, 2807 .memory_allocated = &tcp_memory_allocated,
generated by cgit v1.2.2 (git 2.25.0) at 2026-01-02 02:27:47 -0500