git: fd2a580db248 - stable/14 - tcp: no data on SYN segments unless doing TFO
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 17 Apr 2024 13:50:27 UTC
The branch stable/14 has been updated by tuexen:
URL: https://cgit.FreeBSD.org/src/commit/?id=fd2a580db248502b5fd46867992e346a95298efe
commit fd2a580db248502b5fd46867992e346a95298efe
Author: Michael Tuexen <tuexen@FreeBSD.org>
AuthorDate: 2024-03-22 10:12:56 +0000
Commit: Michael Tuexen <tuexen@FreeBSD.org>
CommitDate: 2024-04-17 13:50:02 +0000
tcp: no data on SYN segments unless doing TFO
Ensure that there is no data on SYN segments unless doing TFO.
This check is already in RACK and BBR.
Reported by: glebius
Reviewed by: rscheff
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D44384
(cherry picked from commit af700f430fd86ba3eae63e587985a12436db8f69)
---
sys/netinet/tcp_output.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/sys/netinet/tcp_output.c b/sys/netinet/tcp_output.c
index 0d9fd8136554..9269ba443bd9 100644
--- a/sys/netinet/tcp_output.c
+++ b/sys/netinet/tcp_output.c
@@ -475,6 +475,12 @@ after_sack_rexmit:
(tp->t_tfo_client_cookie_len == 0)) ||
(flags & TH_RST)))
len = 0;
+
+ /* Without fast-open there should never be data sent on a SYN. */
+ if ((flags & TH_SYN) && !(tp->t_flags & TF_FASTOPEN)) {
+ len = 0;
+ }
+
if (len <= 0) {
/*
* If FIN has been sent but not acked,