Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1722cc21 authored by Eric Dumazet's avatar Eric Dumazet Committed by Sharath Chandra Vurukala
Browse files

tcp: detect malicious patterns in tcp_collapse_ofo_queue() 



[ Upstream commit 3d4bf93ac12003f9b8e1e2de37fe27983deebdcf ]

In case an attacker feeds tiny packets completely out of order,
tcp_collapse_ofo_queue() might scan the whole rb-tree, performing
expensive copies, but not changing socket memory usage at all.

1) Do not attempt to collapse tiny skbs.
2) Add logic to exit early when too many tiny skbs are detected.

We prefer not doing aggressive collapsing (which copies packets)
for pathological flows, and revert to tcp_prune_ofo_queue() which
will be less expensive.

In the future, we might add the possibility of terminating flows
that are proven to be malicious.

Change-Id: I21954420e5abb582bf65e5c47785023b371f6ce1
Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
Acked-by: default avatarSoheil Hassas Yeganeh <soheil@google.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@google.com>
Git-commit: 34912e67
Git-repo: https://android.googlesource.com/kernel/common/


Signed-off-by: default avatarSharath Chandra Vurukala <sharathv@codeaurora.org>
parent b1c89548
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment