Message ID | 1445372260.22974.38.camel@edumazet-glaptop2.roam.corp.google.com |
---|---|
State | Accepted, archived |
Delegated to: | David Miller |
Headers | show |
From: Eric Dumazet <eric.dumazet@gmail.com> Date: Tue, 20 Oct 2015 13:17:40 -0700 > From: Eric Dumazet <edumazet@google.com> > > Allowing an application to set whatever limit for > the list of recently RST fastopen sessions [1] is not wise, > as it open ways to deplete kernel memory. > > Cap the user provided limit by somaxconn sysctl, > like listen() backlog. > > [1] https://tools.ietf.org/html/rfc7413#section-5.1 > > Signed-off-by: Eric Dumazet <edumazet@google.com> Applied, thanks Eric. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/include/linux/tcp.h b/include/linux/tcp.h index 86a7edaa6797..80ba0f7c0518 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h @@ -385,8 +385,9 @@ static inline bool tcp_passive_fastopen(const struct sock *sk) static inline void fastopen_queue_tune(struct sock *sk, int backlog) { struct request_sock_queue *queue = &inet_csk(sk)->icsk_accept_queue; + int somaxconn = READ_ONCE(sock_net(sk)->core.sysctl_somaxconn); - queue->fastopenq.max_qlen = backlog; + queue->fastopenq.max_qlen = min_t(unsigned int, backlog, somaxconn); } static inline void tcp_saved_syn_free(struct tcp_sock *tp)