diff options
| author |   Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> | 2007-04-30 00:57:33 -0700 |
|---|---|---|
| committer |   David S. Miller <davem@davemloft.net> | 2007-04-30 00:57:33 -0700 |
| commit | 34588b4c046c34773e5a1a962da7b78b05c4d1bd (patch) | |
| tree | d655bed4dfd053b4d2a30f647857300694d44c93 | |
| parent | [PATCH] INET : IPV4 UDP lookups converted to a 2 pass algo (diff) | |
| download | linux-dev-34588b4c046c34773e5a1a962da7b78b05c4d1bd.tar.xz linux-dev-34588b4c046c34773e5a1a962da7b78b05c4d1bd.zip | |
[TCP]: Catch skb with S+L bugs earlier
SACKED_ACKED and LOST are mutually exclusive with SACK, thus
having their sum larger than packets_out is bug with SACK.
Eventually these bugs trigger traps in the tcp_clean_rtx_queue
with SACK but it's much more informative to do this here.
Non-SACK TCP, however, could get more than packets_out duplicate
ACKs which each increment sacked_out, so it makes sense to do
this kind of limitting for non-SACK TCP but not for SACK enabled
one. Perhaps the author had the opposite in mind but did the
logic accidently wrong way around? Anyway, the sacked_out
incrementer code for non-SACK already deals this issue before
calling sync_left_out so this trapping can be done
unconditionally.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | include/net/tcp.h | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h index a385797f160a..c6ecd455edab 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -736,9 +736,7 @@ static inline __u32 tcp_current_ssthresh(const struct sock *sk) static inline void tcp_sync_left_out(struct tcp_sock *tp) { - if (tp->rx_opt.sack_ok && - (tp->sacked_out >= tp->packets_out - tp->lost_out)) - tp->sacked_out = tp->packets_out - tp->lost_out; + BUG_ON(tp->sacked_out + tp->lost_out > tp->packets_out); tp->left_out = tp->sacked_out + tp->lost_out; } |