Page MenuHomeFreeBSD

tcp: improve mbuf handling when processing SYN
ClosedPublic

Authored by tuexen on Sep 28 2024, 8:38 PM.
Tags
None
Referenced Files
Unknown Object (File)
Nov 17 2024, 12:25 PM
Unknown Object (File)
Nov 17 2024, 10:27 AM
Unknown Object (File)
Nov 10 2024, 7:46 AM
Unknown Object (File)
Nov 3 2024, 4:54 PM
Unknown Object (File)
Nov 1 2024, 12:27 AM
Unknown Object (File)
Oct 29 2024, 8:30 PM
Unknown Object (File)
Oct 23 2024, 4:14 PM
Unknown Object (File)
Oct 21 2024, 8:31 PM

Details

Summary

When the sysctl-variable net.inet.ip.accept_sourceroute is non-zero, an mbuf would be leaked when processing a SYN-segment containing an IPv4 strict or loose source routing option, when
the on-stack syncache entry is used or there is an error related to processing TCP MD5 options.

Fix this by freeing the mbuf whenever an error occurred or the on-stack syncache entry is used.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj added inline comments.
sys/netinet/tcp_syncache.c
1585

Mostly unrelated, but this if-statement can be indented such that it applies only to the uma_zalloc() case. It's a minor thing but the control flow in this function is so complicated. :(

1777
This revision is now accepted and ready to land.Sep 30 2024, 10:34 AM
tuexen added inline comments.
sys/netinet/tcp_syncache.c
1585

I agree. Had the same observation, but did not want to intermix a the fix with a code cleanup with no functional change. Will do this as a follow-up.

1777

Will change it. But this is used multiple time this way in this file. Maybe this should be cleaned up first.