HomeFreeBSD
Diffusion FreeBSD src repository 08d9c9202755

tcp_input/syncache: acquire only read lock on PCB for SYN,!ACK packets
08d9c9202755
Actions

Description

tcp_input/syncache: acquire only read lock on PCB for SYN,!ACK packets

When packet is a SYN packet, we don't need to modify any existing PCB.
Normally SYN arrives on a listening socket, we either create a syncache
entry or generate syncookie, but we don't modify anything with the
listening socket or associated PCB. Thus create a new PCB lookup
mode - rlock if listening. This removes the primary contention point
under SYN flood - the listening socket PCB.

Sidenote: when SYN arrives on a synchronized connection, we still
don't need write access to PCB to send a challenge ACK or just to
drop. There is only one exclusion - tcptw recycling. However,
existing entanglement of tcp_input + stacks doesn't allow to make
this change small. Consider this patch as first approach to the problem.

Reviewed by: rrs
Differential revision: https://reviews.freebsd.org/D29576

Details

Provenance
glebiusAuthored on Mar 19 2021, 2:06 AM
Reviewer
rrs
Differential Revision
D29576: First take on syn-rlock.
Parents
rG0c6282e842b3: bhyve: add SMBIOS Baseboard Information
Branches
Unknown
Tags
Unknown

Changes (7)

PathSize
sys/
netinet/
netinet6/
security/
mac/

rG08d9c9202755

View Options

sys/netinet/in_pcb.c

Loading...
View Options

sys/netinet/in_pcb.h

Loading...
View Options

sys/netinet/tcp_input.c

Loading...
View Options

sys/netinet/tcp_subr.c

Loading...
View Options

sys/netinet/tcp_syncache.c

Loading...
View Options

sys/netinet6/in6_pcb.c

Loading...
View Options

sys/security/mac/mac_inet.c

Loading...