Changeset View
Changeset View
Standalone View
Standalone View
sys/netinet/tcp_syncache.c
Show First 20 Lines • Show All 164 Lines • ▼ Show 20 Lines | |||||
* the odds are that the user has given up attempting to connect by then. | * the odds are that the user has given up attempting to connect by then. | ||||
*/ | */ | ||||
#define SYNCACHE_MAXREXMTS 3 | #define SYNCACHE_MAXREXMTS 3 | ||||
/* Arbitrary values */ | /* Arbitrary values */ | ||||
#define TCP_SYNCACHE_HASHSIZE 512 | #define TCP_SYNCACHE_HASHSIZE 512 | ||||
#define TCP_SYNCACHE_BUCKETLIMIT 30 | #define TCP_SYNCACHE_BUCKETLIMIT 30 | ||||
VNET_DEFINE_STATIC(struct tcp_syncache, tcp_syncache); | VNET_DEFINE_STATIC(struct tcp_syncache, tcp_syncache) = { | ||||
.hashsize = TCP_SYNCACHE_HASHSIZE, | |||||
.bucket_limit = TCP_SYNCACHE_BUCKETLIMIT, | |||||
.rexmt_limit = SYNCACHE_MAXREXMTS, | |||||
}; | |||||
#define V_tcp_syncache VNET(tcp_syncache) | #define V_tcp_syncache VNET(tcp_syncache) | ||||
static SYSCTL_NODE(_net_inet_tcp, OID_AUTO, syncache, | static SYSCTL_NODE(_net_inet_tcp, OID_AUTO, syncache, | ||||
CTLFLAG_RW | CTLFLAG_MPSAFE, 0, | CTLFLAG_RW | CTLFLAG_MPSAFE, 0, | ||||
"TCP SYN cache"); | "TCP SYN cache"); | ||||
SYSCTL_UINT(_net_inet_tcp_syncache, OID_AUTO, bucketlimit, CTLFLAG_VNET | CTLFLAG_RDTUN, | SYSCTL_UINT(_net_inet_tcp_syncache, OID_AUTO, bucketlimit, CTLFLAG_VNET | CTLFLAG_RDTUN, | ||||
&VNET_NAME(tcp_syncache.bucket_limit), 0, | &VNET_NAME(tcp_syncache.bucket_limit), 0, | ||||
"Per-bucket hash limit for syncache"); | "Per-bucket hash limit for syncache"); | ||||
SYSCTL_UINT(_net_inet_tcp_syncache, OID_AUTO, cachelimit, CTLFLAG_VNET | CTLFLAG_RDTUN, | SYSCTL_UINT(_net_inet_tcp_syncache, OID_AUTO, cachelimit, CTLFLAG_VNET | CTLFLAG_RDTUN, | ||||
&VNET_NAME(tcp_syncache.cache_limit), 0, | &VNET_NAME(tcp_syncache.cache_limit), 0, | ||||
"Overall entry limit for syncache"); | "Overall entry limit for syncache"); | ||||
SYSCTL_UMA_CUR(_net_inet_tcp_syncache, OID_AUTO, count, CTLFLAG_VNET, | SYSCTL_UMA_CUR(_net_inet_tcp_syncache, OID_AUTO, count, CTLFLAG_VNET, | ||||
&VNET_NAME(tcp_syncache.zone), "Current number of entries in syncache"); | &VNET_NAME(tcp_syncache.zone), "Current number of entries in syncache"); | ||||
SYSCTL_UINT(_net_inet_tcp_syncache, OID_AUTO, hashsize, CTLFLAG_VNET | CTLFLAG_RDTUN, | SYSCTL_UINT(_net_inet_tcp_syncache, OID_AUTO, hashsize, CTLFLAG_VNET | CTLFLAG_RDTUN, | ||||
&VNET_NAME(tcp_syncache.hashsize), 0, | &VNET_NAME(tcp_syncache.hashsize), 0, | ||||
"Size of TCP syncache hashtable"); | "Size of TCP syncache hashtable"); | ||||
SYSCTL_BOOL(_net_inet_tcp_syncache, OID_AUTO, see_other, CTLFLAG_VNET | | SYSCTL_BOOL(_net_inet_tcp_syncache, OID_AUTO, see_other, CTLFLAG_VNET | CTLFLAG_RW, | ||||
CTLFLAG_RW, &VNET_NAME(tcp_syncache.see_other), 0, | &VNET_NAME(tcp_syncache.see_other), 0, | ||||
"All syncache(4) entries are visible, ignoring UID/GID, jail(2) " | "All syncache(4) entries are visible, ignoring UID/GID, jail(2) " | ||||
"and mac(4) checks"); | "and mac(4) checks"); | ||||
static int | static int | ||||
sysctl_net_inet_tcp_syncache_rexmtlimit_check(SYSCTL_HANDLER_ARGS) | sysctl_net_inet_tcp_syncache_rexmtlimit_check(SYSCTL_HANDLER_ARGS) | ||||
{ | { | ||||
int error; | int error; | ||||
u_int new; | u_int new; | ||||
▲ Show 20 Lines • Show All 44 Lines • ▼ Show 20 Lines | #endif | ||||
uma_zfree(V_tcp_syncache.zone, sc); | uma_zfree(V_tcp_syncache.zone, sc); | ||||
} | } | ||||
void | void | ||||
syncache_init(void) | syncache_init(void) | ||||
{ | { | ||||
int i; | int i; | ||||
V_tcp_syncache.hashsize = TCP_SYNCACHE_HASHSIZE; | |||||
V_tcp_syncache.bucket_limit = TCP_SYNCACHE_BUCKETLIMIT; | |||||
V_tcp_syncache.rexmt_limit = SYNCACHE_MAXREXMTS; | |||||
V_tcp_syncache.hash_secret = arc4random(); | V_tcp_syncache.hash_secret = arc4random(); | ||||
TUNABLE_INT_FETCH("net.inet.tcp.syncache.hashsize", | |||||
&V_tcp_syncache.hashsize); | |||||
TUNABLE_INT_FETCH("net.inet.tcp.syncache.bucketlimit", | |||||
&V_tcp_syncache.bucket_limit); | |||||
if (!powerof2(V_tcp_syncache.hashsize) || | if (!powerof2(V_tcp_syncache.hashsize) || | ||||
V_tcp_syncache.hashsize == 0) { | V_tcp_syncache.hashsize == 0) { | ||||
printf("WARNING: syncache hash size is not a power of 2.\n"); | printf("WARNING: syncache hash size is not a power of 2.\n"); | ||||
V_tcp_syncache.hashsize = TCP_SYNCACHE_HASHSIZE; | V_tcp_syncache.hashsize = TCP_SYNCACHE_HASHSIZE; | ||||
} | } | ||||
V_tcp_syncache.hashmask = V_tcp_syncache.hashsize - 1; | V_tcp_syncache.hashmask = V_tcp_syncache.hashsize - 1; | ||||
/* Set limits. */ | /* Set limits. */ | ||||
if (V_tcp_syncache.cache_limit == 0) { | |||||
V_tcp_syncache.cache_limit = | V_tcp_syncache.cache_limit = | ||||
V_tcp_syncache.hashsize * V_tcp_syncache.bucket_limit; | V_tcp_syncache.hashsize * V_tcp_syncache.bucket_limit; | ||||
TUNABLE_INT_FETCH("net.inet.tcp.syncache.cachelimit", | } | ||||
&V_tcp_syncache.cache_limit); | |||||
/* Allocate the hash table. */ | /* Allocate the hash table. */ | ||||
V_tcp_syncache.hashbase = malloc(V_tcp_syncache.hashsize * | V_tcp_syncache.hashbase = malloc(V_tcp_syncache.hashsize * | ||||
sizeof(struct syncache_head), M_SYNCACHE, M_WAITOK | M_ZERO); | sizeof(struct syncache_head), M_SYNCACHE, M_WAITOK | M_ZERO); | ||||
#ifdef VIMAGE | #ifdef VIMAGE | ||||
V_tcp_syncache.vnet = curvnet; | V_tcp_syncache.vnet = curvnet; | ||||
#endif | #endif | ||||
▲ Show 20 Lines • Show All 2,305 Lines • Show Last 20 Lines |