From: Eric Dumazet Date: Tue, 20 Oct 2015 20:17:40 +0000 (-0700) Subject: tcp: fastopen: limit max_qlen X-Git-Tag: firefly_0821_release~176^2~818^2~92 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=dbf650b67bb4db1b95807d2aafe2d7cfafd458da;p=firefly-linux-kernel-4.4.55.git tcp: fastopen: limit max_qlen Allowing an application to set whatever limit for the list of recently RST fastopen sessions [1] is not wise, as it open ways to deplete kernel memory. Cap the user provided limit by somaxconn sysctl, like listen() backlog. [1] https://tools.ietf.org/html/rfc7413#section-5.1 Signed-off-by: Eric Dumazet Signed-off-by: David S. Miller --- diff --git a/include/linux/tcp.h b/include/linux/tcp.h index 5dce9705fe84..c906f4534581 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h @@ -392,8 +392,9 @@ static inline bool tcp_passive_fastopen(const struct sock *sk) static inline void fastopen_queue_tune(struct sock *sk, int backlog) { struct request_sock_queue *queue = &inet_csk(sk)->icsk_accept_queue; + int somaxconn = READ_ONCE(sock_net(sk)->core.sysctl_somaxconn); - queue->fastopenq.max_qlen = backlog; + queue->fastopenq.max_qlen = min_t(unsigned int, backlog, somaxconn); } static inline void tcp_saved_syn_free(struct tcp_sock *tp)