From 7329900ba0be8322fcfb13ca0708c2a7d2398b4c Mon Sep 17 00:00:00 2001
From: cperciva <cperciva@FreeBSD.org>
Date: Tue, 5 Jul 2011 18:43:54 +0000
Subject: Don't allow lro->len to exceed 65535, as this will result in overflow
 when len is inserted back into the synthetic IP packet and cause a multiple
 of 2^16 bytes of TCP "packet loss".

This improves Linux->FreeBSD netperf bandwidth by a factor of 300 in
testing on Amazon EC2.

Reviewed by:	jfv
MFC after:	2 weeks
---
 sys/netinet/tcp_lro.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'sys')

diff --git a/sys/netinet/tcp_lro.c b/sys/netinet/tcp_lro.c
index 27384c5..6569eda 100644
--- a/sys/netinet/tcp_lro.c
+++ b/sys/netinet/tcp_lro.c
@@ -277,6 +277,14 @@ tcp_lro_rx(struct lro_ctrl *cntl, struct mbuf *m_head, uint32_t csum)
 		    lro->dest_port == tcp->th_dport &&
 		    lro->source_ip == ip->ip_src.s_addr && 
 		    lro->dest_ip == ip->ip_dst.s_addr) {
+			/* Flush now if appending will result in overflow. */
+			if (lro->len > (65535 - tcp_data_len)) {
+				SLIST_REMOVE(&cntl->lro_active, lro,
+					     lro_entry, next);
+				tcp_lro_flush(cntl, lro);
+				break;
+			}
+
 			/* Try to append it */
 
 			if (__predict_false(seq != lro->next_seq ||
-- 
cgit v1.1