]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit - net/ipv4/tcp.c
projects / mirror_ubuntu-bionic-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 84758cc) | patch
tcp: ignore Fast Open on repair mode
authorYuchung Cheng <ycheng@google.com>
Wed, 25 Apr 2018 18:33:08 +0000 (11:33 -0700)
committerStefan Bader <stefan.bader@canonical.com>
Tue, 14 Aug 2018 10:26:47 +0000 (12:26 +0200)
commit6aed27d3fd1c307d58c40ad9ab8709fcda635ee3
treec695b61708b0384ef0bdccbc2f76ea9648227167tree
parent84758cc2ef34e5aa6c697daea7cbc951cb4f237acommit | diff
tcp: ignore Fast Open on repair mode

BugLink: http://bugs.launchpad.net/bugs/1780858
[ Upstream commit 16ae6aa1705299789f71fdea59bfb119c1fbd9c0 ]

The TCP repair sequence of operation is to first set the socket in
repair mode, then inject the TCP stats into the socket with repair
socket options, then call connect() to re-activate the socket. The
connect syscall simply returns and set state to ESTABLISHED
mode. As a result Fast Open is meaningless for TCP repair.

However allowing sendto() system call with MSG_FASTOPEN flag half-way
during the repair operation could unexpectedly cause data to be
sent, before the operation finishes changing the internal TCP stats
(e.g. MSS).  This in turn triggers TCP warnings on inconsistent
packet accounting.

The fix is to simply disallow Fast Open operation once the socket
is in the repair mode.

Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Yuchung Cheng <ycheng@google.com>
Reviewed-by: Neal Cardwell <ncardwell@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>
net/ipv4/tcp.c diff | blob | blame | history
ubuntu-bionic-kernel mirror