Google Git
Sign in
chromium / chromiumos / third_party / kernel / 88dc785f46183b6e1bc59f6f79a073b824b37013
commit88dc785f46183b6e1bc59f6f79a073b824b37013[log] [tgz]
authorEric Dumazet <[email protected]>Mon Jul 23 16:28:17 2018
committerChromeOS Commit Bot <[email protected]>Fri Jul 27 17:40:19 2018
tree93ac77c8e7c4885bda1a40ca76186e2aa1bc9357
parentf9160728a1ebfe9b7cad665b4457f6886c0c2a60 [diff]
BACKPORT: tcp: free batches of packets in tcp_prune_ofo_queue()

Juha-Matti Tilli reported that malicious peers could inject tiny
packets in out_of_order_queue, forcing very expensive calls
to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for
every incoming packet. out_of_order_queue rb-tree can contain
thousands of nodes, iterating over all of them is not nice.

Before linux-4.9, we would have pruned all packets in ofo_queue
in one go, every XXXX packets. XXXX depends on sk_rcvbuf and skbs
truesize, but is about 7000 packets with tcp_rmem[2] default of 6 MB.

Since we plan to increase tcp_rmem[2] in the future to cope with
modern BDP, can not revert to the old behavior, without great pain.

Strategy taken in this patch is to purge ~12.5 % of the queue capacity.

Fixes: 36a6503fedda ("tcp: refine tcp_prune_ofo_queue() to not drop all packets")
Signed-off-by: Eric Dumazet <[email protected]>
Reported-by: Juha-Matti Tilli <[email protected]>
Acked-by: Yuchung Cheng <[email protected]>
Acked-by: Soheil Hassas Yeganeh <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
(cherry picked from commit 72cd43ba64fc172a443410ce01645895850844c8)

BUG=chromium:866800
TEST=tcp connection test

Change-Id: I32688470c2f8be36a6cb0f1af89a3925ed06aaa3
Signed-off-by: Guenter Roeck <[email protected]>
Reviewed-on: https://chromium-review.googlesource.com/1148924
Reviewed-by: Daniel Wang <[email protected]>
Reviewed-by: Dylan Reid <[email protected]>
Reviewed-on: https://chromium-review.googlesource.com/1151750
Commit-Queue: Daniel Wang <[email protected]>
Tested-by: Daniel Wang <[email protected]>
1 file changed
tree: 93ac77c8e7c4885bda1a40ca76186e2aa1bc9357
  1. arch/
  2. block/
  3. certs/
  4. chromeos/
  5. crypto/
  6. Documentation/
  7. drivers/
  8. firmware/
  9. fs/
  10. include/
  11. init/
  12. ipc/
  13. kernel/
  14. lib/
  15. mm/
  16. net/
  17. samples/
  18. scripts/
  19. security/
  20. sound/
  21. tools/
  22. usr/
  23. virt/
  24. .cocciconfig
  25. .get_maintainer.ignore
  26. .gitattributes
  27. .gitignore
  28. .mailmap
  29. COMMIT-QUEUE.ini
  30. COPYING
  31. CREDITS
  32. Kbuild
  33. Kconfig
  34. MAINTAINERS
  35. Makefile
  36. PRESUBMIT.cfg
  37. README