1. 17 6月, 2008 1 次提交
  2. 15 6月, 2008 1 次提交
  3. 13 6月, 2008 1 次提交
    • D
      tcp: Revert 'process defer accept as established' changes. · ec0a1966
      David S. Miller 提交于
      This reverts two changesets, ec3c0982
      ("[TCP]: TCP_DEFER_ACCEPT updates - process as established") and
      the follow-on bug fix 9ae27e0a
      ("tcp: Fix slab corruption with ipv6 and tcp6fuzz").
      
      This change causes several problems, first reported by Ingo Molnar
      as a distcc-over-loopback regression where connections were getting
      stuck.
      
      Ilpo Järvinen first spotted the locking problems.  The new function
      added by this code, tcp_defer_accept_check(), only has the
      child socket locked, yet it is modifying state of the parent
      listening socket.
      
      Fixing that is non-trivial at best, because we can't simply just grab
      the parent listening socket lock at this point, because it would
      create an ABBA deadlock.  The normal ordering is parent listening
      socket --> child socket, but this code path would require the
      reverse lock ordering.
      
      Next is a problem noticed by Vitaliy Gusev, he noted:
      
      ----------------------------------------
      >--- a/net/ipv4/tcp_timer.c
      >+++ b/net/ipv4/tcp_timer.c
      >@@ -481,6 +481,11 @@ static void tcp_keepalive_timer (unsigned long data)
      > 		goto death;
      > 	}
      >
      >+	if (tp->defer_tcp_accept.request && sk->sk_state == TCP_ESTABLISHED) {
      >+		tcp_send_active_reset(sk, GFP_ATOMIC);
      >+		goto death;
      
      Here socket sk is not attached to listening socket's request queue. tcp_done()
      will not call inet_csk_destroy_sock() (and tcp_v4_destroy_sock() which should
      release this sk) as socket is not DEAD. Therefore socket sk will be lost for
      freeing.
      ----------------------------------------
      
      Finally, Alexey Kuznetsov argues that there might not even be any
      real value or advantage to these new semantics even if we fix all
      of the bugs:
      
      ----------------------------------------
      Hiding from accept() sockets with only out-of-order data only
      is the only thing which is impossible with old approach. Is this really
      so valuable? My opinion: no, this is nothing but a new loophole
      to consume memory without control.
      ----------------------------------------
      
      So revert this thing for now.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ec0a1966
  4. 12 6月, 2008 5 次提交
  5. 11 6月, 2008 1 次提交
  6. 02 5月, 2008 1 次提交
  7. 24 4月, 2008 1 次提交
  8. 14 4月, 2008 7 次提交
  9. 10 4月, 2008 1 次提交
    • F
      [Syncookies]: Add support for TCP options via timestamps. · 4dfc2817
      Florian Westphal 提交于
      Allow the use of SACK and window scaling when syncookies are used
      and the client supports tcp timestamps. Options are encoded into
      the timestamp sent in the syn-ack and restored from the timestamp
      echo when the ack is received.
      
      Based on earlier work by Glenn Griffin.
      This patch avoids increasing the size of structs by encoding TCP
      options into the least significant bits of the timestamp and
      by not using any 'timestamp offset'.
      
      The downside is that the timestamp sent in the packet after the synack
      will increase by several seconds.
      
      changes since v1:
       don't duplicate timestamp echo decoding function, put it into ipv4/syncookie.c
       and have ipv6/syncookies.c use it.
       Feedback from Glenn Griffin: fix line indented with spaces, kill redundant if ()
      Reviewed-by: NHagen Paul Pfeifer <hagen@jauu.net>
      Signed-off-by: NFlorian Westphal <fw@strlen.de>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      4dfc2817
  10. 04 4月, 2008 6 次提交
  11. 29 3月, 2008 1 次提交
  12. 26 3月, 2008 3 次提交
  13. 25 3月, 2008 1 次提交
  14. 23 3月, 2008 1 次提交
    • P
      [SOCK]: Add udp_hash member to struct proto. · 39d8cda7
      Pavel Emelyanov 提交于
      Inspired by the commit ab1e0a13 ([SOCK] proto: Add hashinfo member to 
      struct proto) from Arnaldo, I made similar thing for UDP/-Lite IPv4 
      and -v6 protocols.
      
      The result is not that exciting, but it removes some levels of
      indirection in udpxxx_get_port and saves some space in code and text.
      
      The first step is to union existing hashinfo and new udp_hash on the
      struct proto and give a name to this union, since future initialization 
      of tcpxxx_prot, dccp_vx_protinfo and udpxxx_protinfo will cause gcc 
      warning about inability to initialize anonymous member this way.
      Signed-off-by: NPavel Emelyanov <xemul@openvz.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      39d8cda7
  15. 22 3月, 2008 2 次提交
    • P
      [TCP]: TCP_DEFER_ACCEPT updates - process as established · ec3c0982
      Patrick McManus 提交于
      Change TCP_DEFER_ACCEPT implementation so that it transitions a
      connection to ESTABLISHED after handshake is complete instead of
      leaving it in SYN-RECV until some data arrvies. Place connection in
      accept queue when first data packet arrives from slow path.
      
      Benefits:
        - established connection is now reset if it never makes it
         to the accept queue
      
       - diagnostic state of established matches with the packet traces
         showing completed handshake
      
       - TCP_DEFER_ACCEPT timeouts are expressed in seconds and can now be
         enforced with reasonable accuracy instead of rounding up to next
         exponential back-off of syn-ack retry.
      Signed-off-by: NPatrick McManus <mcmanus@ducksong.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ec3c0982
    • P
      [NET]: NULL pointer dereference and other nasty things in /proc/net/(tcp|udp)[6] · 28518fc1
      Pavel Emelyanov 提交于
      Commits f40c81 ([NETNS][IPV4] tcp - make proc handle the network
      namespaces) and a91275 ([NETNS][IPV6] udp - make proc handle the
      network namespace) both introduced bad checks on sockets and tw
      buckets to belong to proper net namespace.
      
      I.e. when checking for socket to belong to given net and family the
      
      	do {
      		sk = sk_next(sk);
      	} while (sk && sk->sk_net != net && sk->sk_family != family);
      
      constructions were used. This is wrong, since as soon as the
      sk->sk_net fits the net the socket is immediately returned, even if it
      belongs to other family.
      
      As the result four /proc/net/(udp|tcp)[6] entries show wrong info.
      The udp6 entry even oopses when dereferencing inet6_sk(sk) pointer:
      
      static void udp6_sock_seq_show(struct seq_file *seq, struct sock *sp, int bucket)
      {
      	...
              struct ipv6_pinfo *np = inet6_sk(sp);
      	...
      
              dest  = &np->daddr; /* will be NULL for AF_INET sockets */
      	...
      	seq_printf(...
      	           dest->s6_addr32[0], dest->s6_addr32[1],
                         dest->s6_addr32[2], dest->s6_addr32[3],
      	...
      
      Fix it by converting && to ||.
      Signed-off-by: NPavel Emelyanov <xemul@openvz.org>
      Acked-by: NDaniel Lezcano <dlezcano@fr.ibm.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      28518fc1
  16. 21 3月, 2008 2 次提交
  17. 06 3月, 2008 1 次提交
  18. 04 3月, 2008 1 次提交
  19. 01 3月, 2008 2 次提交
  20. 18 2月, 2008 1 次提交