Centos-kernel-stream-9/net
Jon Paul Maloy 81204c492b tipc: improve sequence number checking
The sequence number of an incoming packet is currently only checked
for less than, equality to, or bigger than the next expected number,
meaning that the receive window in practice becomes one half sequence
number cycle, or U16_MAX/2. This does not make sense, and may not even
be safe if there are extreme delays in the network. Any packet sent by
the peer during the ongoing cycle must belong inside his current send
window, or should otherwise be dropped if possible.

Since a link endpoint cannot know its peer's current send window, it
has to base this sanity check on a worst-case assumption, i.e., that
the peer is using a maximum sized window of 8191 packets. Using this
assumption, we now add a check that the sequence number is not bigger
than next_expected + TIPC_MAX_LINK_WIN. We also re-order the checks
done, so that the receive window test is performed before the gap test.
This way, we are guaranteed that no packet with illegal sequence numbers
are ever added to the deferred queue.

Signed-off-by: Jon Maloy <jon.maloy@ericsson.com>
Acked-by: Ying Xue <ying.xue@windriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-10-15 23:55:20 -07:00
..
6lowpan
9p
802
8021q
appletalk
atm
ax25
batman-adv
bluetooth Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next 2015-10-11 05:15:30 -07:00
bridge bridge: defer switchdev fdb del call in fdb_del_external_learn 2015-10-15 06:09:50 -07:00
caif
can can: avoid using timeval for uapi 2015-10-13 17:42:34 +02:00
ceph
core net: SO_INCOMING_CPU setsockopt() support 2015-10-12 19:28:20 -07:00
dcb net/dcb: make dcbnl.c explicitly non-modular 2015-10-09 07:52:27 -07:00
dccp tcp/dccp: fix behavior of stale SYN_RECV request sockets 2015-10-13 18:26:34 -07:00
decnet
dns_resolver
dsa switchdev: remove pointers from switchdev objects 2015-10-15 06:09:49 -07:00
ethernet
hsr
ieee802154
ipv4 tcp: avoid spurious SYN flood detection at listen() time 2015-10-14 19:06:32 -07:00
ipv6 tcp/dccp: fix behavior of stale SYN_RECV request sockets 2015-10-13 18:26:34 -07:00
ipx
irda
iucv
key
l2tp
l3mdev
lapb
llc
mac80211
mac802154
mpls
netfilter ipv4: Pass struct net into ip_defrag and ip_check_defrag 2015-10-12 19:44:16 -07:00
netlabel
netlink net/netlink: lockdep_genl_is_held can be boolean 2015-10-09 07:48:59 -07:00
netrom
nfc
openvswitch ipv6: Pass struct net into nf_ct_frag6_gather 2015-10-12 19:44:17 -07:00
packet ipv4: Pass struct net into ip_defrag and ip_check_defrag 2015-10-12 19:44:16 -07:00
phonet
rds RDS-TCP: Reset tcp callbacks if re-using an outgoing socket in rds_tcp_accept_one() 2015-10-13 04:22:41 -07:00
rfkill
rose
rxrpc
sched net: synack packets can be attached to request sockets 2015-10-11 05:05:06 -07:00
sctp
sunrpc
switchdev switchdev: assert rtnl mutex when going over lower netdevs 2015-10-15 06:09:53 -07:00
tipc tipc: improve sequence number checking 2015-10-15 23:55:20 -07:00
unix
vmw_vsock
wimax
wireless
x25
xfrm
Kconfig
Makefile
compat.c
socket.c
sysctl_net.c