author | Renato Botelho <renato@netgate.com> | 2018-08-07 15:29:20 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2018-08-07 15:29:20 -0300 |
commit | c2ced4445079b852d8b492187eb2fb8fc0fa7994 (patch) | |
tree | d87e0ba6f422bbeb0e045055942a248b567a6960 | |
parent | cd0e4c8cf2587d4c52df0dfca16a71700a6f0997 (diff) | |
parent | 6d554063ca8c5d2a9bad18a2c238cd74dadeb33c (diff) | |
Merge remote-tracking branch 'origin/releng/11.2' into RELENG_2_4_4
-rw-r--r-- | UPDATING | 4 | ||||
-rw-r--r-- | share/man/man4/tcp.4 | 14 | ||||
-rw-r--r-- | sys/conf/newvers.sh | 2 | ||||
-rw-r--r-- | sys/netinet/tcp_reass.c | 12 |
4 files changed, 30 insertions, 2 deletions
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20180806 p1 FreeBSD-SA-18:08.tcp + + Fix resource exhaustion in TCP reassembly. + 20180627: 11.2-RELEASE. diff --git a/share/man/man4/tcp.4 b/share/man/man4/tcp.4 index 8c71716..05a352c 100644 --- a/share/man/man4/tcp.4 +++ b/share/man/man4/tcp.4 @@ -445,6 +445,20 @@ no reseeding will occur. Reseeding should not be necessary, and will break .Dv TIME_WAIT recycling for a few minutes. +.It Va reass.cursegments +The current total number of segments present in all reassembly queues. +.It Va reass.maxsegments +The maximum limit on the total number of segments across all reassembly +queues. +The limit can be adjusted as a tunable. +.It Va reass.maxqueuelen +The maximum number of segments allowed in each reassembly queue. +By default, the system chooses a limit based on each TCP connection's +receive buffer size and maximum segment size (MSS). +The actual limit applied to a session's reassembly queue will be the lower of +the system-calculated automatic limit and the user-specified +.Va reass.maxqueuelen +limit. .It Va rexmit_min , rexmit_slop Adjust the retransmit timer calculation for .Tn TCP . diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index f4268a9..1807fa2 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -44,7 +44,7 @@ TYPE="FreeBSD" REVISION="11.2" -BRANCH="RELEASE" +BRANCH="RELEASE-p1" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi diff --git a/sys/netinet/tcp_reass.c b/sys/netinet/tcp_reass.c index a22fb30..c72991f 100644 --- a/sys/netinet/tcp_reass.c +++ b/sys/netinet/tcp_reass.c 
@@ -89,6 +89,11 @@ SYSCTL_UMA_CUR(_net_inet_tcp_reass, OID_AUTO, cursegments, 0, &tcp_reass_zone, "Global number of TCP Segments currently in Reassembly Queue"); +static u_int tcp_reass_maxqueuelen = 100; +SYSCTL_UINT(_net_inet_tcp_reass, OID_AUTO, maxqueuelen, CTLFLAG_RWTUN, + &tcp_reass_maxqueuelen, 0, + "Maximum number of TCP Segments per Reassembly Queue"); + /* Initialize TCP reassembly queue */ static void tcp_reass_zone_change(void *tag) @@ -168,6 +173,10 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int *tlenp, struct mbuf *m) * socket receive buffer determines our advertised window and grows * automatically when socket buffer autotuning is enabled. Use it as the * basis for our queue limit. + * + * However, allow the user to specify a ceiling for the number of + * segments in each queue. + * * Always let the missing segment through which caused this queue. * NB: Access to the socket buffer is left intentionally unlocked as we * can tolerate stale information here. @@ -178,7 +187,8 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int *tlenp, struct mbuf *m) * is understood. */ if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) && - tp->t_segqlen >= (so->so_rcv.sb_hiwat / tp->t_maxseg) + 1) { + tp->t_segqlen >= min((so->so_rcv.sb_hiwat / tp->t_maxseg) + 1, + tcp_reass_maxqueuelen)) { TCPSTAT_INC(tcps_rcvreassfull); *tlenp = 0; if ((s = tcp_log_addrs(&tp->t_inpcb->inp_inc, th, NULL, NULL))) { |
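Review bot: The new `net.inet.tcp.reass.maxqueuelen` knob in the first tcp_reass.c hunk is registered with `SYSCTL_UINT` and `CTLFLAG_RWTUN`, so any value including 0 is accepted, and neither the declaration nor the tcp.4 text says what 0 means. With 0, the `min(...)` in the third hunk evaluates to 0 and the `tp->t_segqlen >= ...` test is always true, so every segment that is not at `rcv_nxt` is dropped and reassembly is effectively switched off; a very large value leaves only the receive-buffer-derived bound in force. I would document both ends above the variable, for example `/* Per-queue segment ceiling; 0 drops all out-of-order segments, large values defer to the sb_hiwat-based limit. */`, and say where the default of 100 comes from. If 0 is not meant to be a valid setting, a range-checking sysctl handler would be the place to reject it.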
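Review bot: In the third tcp_reass.c hunk the queue limit is now a nested `min(...)` split across two lines inside an already long `if`, which makes the drop decision hard to read at the exact point where the bound is enforced. Computing it first into a local, e.g. `qlimit = min((so->so_rcv.sb_hiwat / tp->t_maxseg) + 1, tcp_reass_maxqueuelen);`, and then testing `tp->t_segqlen >= qlimit` keeps the check on one line and makes it obvious that the tunable is read once per call. The comment added in the second hunk could also name the sysctl (`net.inet.tcp.reass.maxqueuelen`) and state that the lower of the two limits wins, rather than saying only that the user may specify a ceiling. tcp_reass() begins and continues outside these hunks, so the local would be declared with the other declarations not visible here; its type should match what `min()` returns in this tree, which I assume is unsigned.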