diff options
| author |   Petar Penkov <ppenkov@google.com> | 2019-07-29 09:59:14 -0700 |
|---|---|---|
| committer |   Alexei Starovoitov <ast@kernel.org> | 2019-07-30 21:03:05 -0700 |
| commit | 9349d600fb6a1ca0aaeb515523e1bb5409483d76 (patch) | |
| tree | 214a3a4b68356a5977e75afe2117538810b64d10 /net/ipv4/tcp_ipv4.c | |
| parent | tcp: tcp_syn_flood_action read port from socket (diff) | |
| download | wireguard-linux-9349d600fb6a1ca0aaeb515523e1bb5409483d76.tar.xz wireguard-linux-9349d600fb6a1ca0aaeb515523e1bb5409483d76.zip | |
tcp: add skb-less helpers to retrieve SYN cookie
This patch allows generation of a SYN cookie before an SKB has been
allocated, as is the case at XDP.
Signed-off-by: Petar Penkov <ppenkov@google.com>
Reviewed-by: Lorenz Bauer <lmb@cloudflare.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'net/ipv4/tcp_ipv4.c')
| -rw-r--r-- | net/ipv4/tcp_ipv4.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index d57641cb3477..10217393cda6 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -1515,6 +1515,21 @@ static struct sock *tcp_v4_cookie_check(struct sock *sk, struct sk_buff *skb) return sk; } +u16 tcp_v4_get_syncookie(struct sock *sk, struct iphdr *iph, + struct tcphdr *th, u32 *cookie) +{ + u16 mss = 0; +#ifdef CONFIG_SYN_COOKIES + mss = tcp_get_syncookie_mss(&tcp_request_sock_ops, + &tcp_request_sock_ipv4_ops, sk, th); + if (mss) { + *cookie = __cookie_v4_init_sequence(iph, th, &mss); + tcp_synq_overflow(sk); + } +#endif + return mss; +} + /* The socket must have it's spinlock held when we get * here, unless it is a TCP_LISTEN socket. * |