提交 de553c18 编写于 作者: G Gerrit Renker 提交者: David S. Miller

[DCCP] ccid3: Sanity-check RTT samples

CCID3 performance depends much on the accuracy of RTT samples.  If RTT
samples grow too large, performance can be catastrophically poor.

To limit the amount of possible damage in such cases, the patch
 * introduces an upper limit which identifies a maximum `sane' RTT value;
 * uses a macro to enforce this upper limit.

Using a macro was given preference, since it is necessary to identify the
calling function in the warning message. Since exceeding this threshold
identifies a critical condition, DCCP_CRIT is used and not DCCP_WARN.

Many thanks to Ian McDonald for collaboration on this issue.
Signed-off-by: NGerrit Renker <gerrit@erg.abdn.ac.uk>
Acked-by: NIan McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: NArnaldo Carvalho de Melo <acme@mandriva.com>
上级 fe0499ae
...@@ -456,8 +456,9 @@ static void ccid3_hc_tx_packet_recv(struct sock *sk, struct sk_buff *skb) ...@@ -456,8 +456,9 @@ static void ccid3_hc_tx_packet_recv(struct sock *sk, struct sk_buff *skb)
r_sample, t_elapsed); r_sample, t_elapsed);
else else
r_sample -= t_elapsed; r_sample -= t_elapsed;
CCID3_RTT_SANITY_CHECK(r_sample);
/* Update RTT estimate by /* Update RTT estimate by
* If (No feedback recv) * If (No feedback recv)
* R = R_sample; * R = R_sample;
* Else * Else
...@@ -1000,6 +1001,7 @@ static void ccid3_hc_rx_packet_recv(struct sock *sk, struct sk_buff *skb) ...@@ -1000,6 +1001,7 @@ static void ccid3_hc_rx_packet_recv(struct sock *sk, struct sk_buff *skb)
r_sample, t_elapsed); r_sample, t_elapsed);
else else
r_sample -= t_elapsed; r_sample -= t_elapsed;
CCID3_RTT_SANITY_CHECK(r_sample);
if (hcrx->ccid3hcrx_state == TFRC_RSTATE_NO_DATA) if (hcrx->ccid3hcrx_state == TFRC_RSTATE_NO_DATA)
hcrx->ccid3hcrx_rtt = r_sample; hcrx->ccid3hcrx_rtt = r_sample;
......
...@@ -51,6 +51,16 @@ ...@@ -51,6 +51,16 @@
/* Parameter t_mbi from [RFC 3448, 4.3]: backoff interval in seconds */ /* Parameter t_mbi from [RFC 3448, 4.3]: backoff interval in seconds */
#define TFRC_T_MBI 64 #define TFRC_T_MBI 64
/* What we think is a reasonable upper limit on RTT values */
#define CCID3_SANE_RTT_MAX (4 * USEC_PER_SEC)
#define CCID3_RTT_SANITY_CHECK(rtt) do { \
if (rtt > CCID3_SANE_RTT_MAX) { \
DCCP_CRIT("RTT (%ld) too large, substituting %ld", \
rtt, CCID3_SANE_RTT_MAX); \
rtt = CCID3_SANE_RTT_MAX; \
} } while (0)
enum ccid3_options { enum ccid3_options {
TFRC_OPT_LOSS_EVENT_RATE = 192, TFRC_OPT_LOSS_EVENT_RATE = 192,
TFRC_OPT_LOSS_INTERVALS = 193, TFRC_OPT_LOSS_INTERVALS = 193,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册