On Wed, Aug 15, 2018 at 09:21:05PM +0800, Mao Wenan wrote: > From: Eric Dumazet <eduma...@google.com> > > [ Upstream commit f4a3313d8e2ca9fd8d8f45e40a2903ba782607e7 ] > > Right after a TCP flow is created, receiving tiny out of order > packets allways hit the condition : > > if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) > tcp_clamp_window(sk); > > tcp_clamp_window() increases sk_rcvbuf to match sk_rmem_alloc > (guarded by tcp_rmem[2]) > > Calling tcp_collapse_ofo_queue() in this case is not useful, > and offers a O(N^2) surface attack to malicious peers. > > Better not attempt anything before full queue capacity is reached, > forcing attacker to spend lots of resource and allow us to more > easily detect the abuse. > > Signed-off-by: Eric Dumazet <eduma...@google.com> > Acked-by: Soheil Hassas Yeganeh <soh...@google.com> > Acked-by: Yuchung Cheng <ych...@google.com> > Signed-off-by: David S. Miller <da...@davemloft.net> > Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> > Signed-off-by: root <root@localhost.localdomain>
root?
