Commit dbf650b6 authored by Eric Dumazet's avatar Eric Dumazet Committed by David S. Miller

tcp: fastopen: limit max_qlen

Allowing an application to set whatever limit for
the list of recently RST fastopen sessions [1] is not wise,
as it open ways to deplete kernel memory.

Cap the user provided limit by somaxconn sysctl,
like listen() backlog.

[1] https://tools.ietf.org/html/rfc7413#section-5.1Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent e2aacd96
...@@ -392,8 +392,9 @@ static inline bool tcp_passive_fastopen(const struct sock *sk) ...@@ -392,8 +392,9 @@ static inline bool tcp_passive_fastopen(const struct sock *sk)
static inline void fastopen_queue_tune(struct sock *sk, int backlog) static inline void fastopen_queue_tune(struct sock *sk, int backlog)
{ {
struct request_sock_queue *queue = &inet_csk(sk)->icsk_accept_queue; struct request_sock_queue *queue = &inet_csk(sk)->icsk_accept_queue;
int somaxconn = READ_ONCE(sock_net(sk)->core.sysctl_somaxconn);
queue->fastopenq.max_qlen = backlog; queue->fastopenq.max_qlen = min_t(unsigned int, backlog, somaxconn);
} }
static inline void tcp_saved_syn_free(struct tcp_sock *tp) static inline void tcp_saved_syn_free(struct tcp_sock *tp)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment