| commit | dd929865b8ccf9253f743b0a72bfeb9febdf5c54 | [log] [tgz] |
|---|---|---|
| author | Eric Dumazet <[email protected]> | Mon Jul 23 16:28:17 2018 |
| committer | ChromeOS Commit Bot <[email protected]> | Fri Jul 27 17:40:21 2018 |
| tree | 0bafd8f4335ce06745307bb9858887d03e2f5d1e | |
| parent | e9e981a3aafe0fbecd42ecfb985e391c44c91f89 [diff] |
BACKPORT: tcp: free batches of packets in tcp_prune_ofo_queue()
Juha-Matti Tilli reported that malicious peers could inject tiny
packets in out_of_order_queue, forcing very expensive calls
to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for
every incoming packet. out_of_order_queue rb-tree can contain
thousands of nodes, iterating over all of them is not nice.
Before linux-4.9, we would have pruned all packets in ofo_queue
in one go, every XXXX packets. XXXX depends on sk_rcvbuf and skbs
truesize, but is about 7000 packets with tcp_rmem[2] default of 6 MB.
Since we plan to increase tcp_rmem[2] in the future to cope with
modern BDP, can not revert to the old behavior, without great pain.
Strategy taken in this patch is to purge ~12.5 % of the queue capacity.
Fixes: 36a6503fedda ("tcp: refine tcp_prune_ofo_queue() to not drop all packets")
Signed-off-by: Eric Dumazet <[email protected]>
Reported-by: Juha-Matti Tilli <[email protected]>
Acked-by: Yuchung Cheng <[email protected]>
Acked-by: Soheil Hassas Yeganeh <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
(cherry picked from commit 72cd43ba64fc172a443410ce01645895850844c8)
BUG=chromium:866800
TEST=tcp connection test
Change-Id: I32688470c2f8be36a6cb0f1af89a3925ed06aaa3
Signed-off-by: Guenter Roeck <[email protected]>
Reviewed-on: https://chromium-review.googlesource.com/1148924
Reviewed-by: Daniel Wang <[email protected]>
Reviewed-by: Dylan Reid <[email protected]>
Reviewed-on: https://chromium-review.googlesource.com/1151759
Commit-Queue: Daniel Wang <[email protected]>
Tested-by: Daniel Wang <[email protected]>