Page MenuHomeFreeBSD
Differential D30358

Fix sending of TCP segments when IP level options are specified
ClosedPublic
Actions

Authored by tuexen on May 20 2021, 10:41 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Nov 11, 1:26 PM
Unknown Object (File)
Sun, Oct 20, 5:08 PM
Unknown Object (File)
Sun, Oct 20, 5:08 PM
Unknown Object (File)
Sun, Oct 20, 4:52 PM
Unknown Object (File)
Oct 5 2024, 1:43 AM
Unknown Object (File)
Oct 4 2024, 11:00 PM
Unknown Object (File)
Oct 3 2024, 9:57 AM
Unknown Object (File)
Oct 3 2024, 9:22 AM
View All 42 Files
Subscribers
glebius
imp
melifaro

Details

Reviewers
rrs
markj
rscheff
Group Reviewers
transport
Commits
rG500eb6dd8040: tcp: Fix sending of TCP segments with IP level options
rG56aeedd2fda4: tcp: Fix sending of TCP segments with IP level options
Summary

When bringing in TCP over UDP support, the length of IP level options was considered when locating the transport header. This was incorrect and is fixed by this patch.

This issue was detected by syzkaller.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

tuexen created this revision.May 20 2021, 10:41 AM
Herald added a reviewer: transport. · View Herald TranscriptMay 20 2021, 10:41 AM
Herald added a subscriber: melifaro. · View Herald Transcript
tuexen requested review of this revision.May 20 2021, 10:41 AM
rscheff added a comment.May 20 2021, 10:59 AM

Where are the ip options accounted for, then? Is the mbuf already adjusted to no longer contain ipoptions by that time (not familiar with IP level processing).

tuexen added a comment.May 20 2021, 11:02 AM
In D30358#681969, @rscheff wrote:

Where are the ip options accounted for, then? Is the mbuf already adjusted to no longer contain ipoptions by that time (not familiar with IP level processing).

It is used to ensure that the TCP/IP packet honours the MSS.

rscheff accepted this revision.May 20 2021, 2:18 PM

discussed in transport call.

This revision is now accepted and ready to land.May 20 2021, 2:18 PM
markj accepted this revision.May 20 2021, 2:25 PM

Seems ok to me.

sys/netinet/tcp_output.c
1166

This code is duplicated 6 times across the various TCP stacks. Could we lift it into a subroutine as a follow-up change?

tuexen added inline comments.May 21 2021, 8:35 AM
sys/netinet/tcp_output.c
1166

This is true for more than this. For RACK/BBR there are common functions, but not so much for the base stack and the optional ones.

tuexen closed this revision.May 24 2021, 7:48 PM

Commited in https://cgit.FreeBSD.org/src/commit/?id=500eb6dd80404ea512e31a8f795c73cb802c9c64.

tuexen added a commit: rG56aeedd2fda4: tcp: Fix sending of TCP segments with IP level options.Aug 29 2021, 11:59 PM
tuexen added a commit: rG500eb6dd8040: tcp: Fix sending of TCP segments with IP level options.Dec 23 2023, 11:23 AM
Herald added subscribers: glebius, imp. · View Herald TranscriptDec 23 2023, 11:23 AM

Revision Contents
Changeset List

PathSize
sys/
netinet/
4 lines
tcp_stacks/
4 lines
4 lines

Diff 89517

View Options

sys/netinet/tcp_output.c

Loading...
View Options

sys/netinet/tcp_stacks/bbr.c

Loading...
View Options

sys/netinet/tcp_stacks/rack.c

Loading...