diff options
| author | Jakub Kicinski <kuba@kernel.org> | 2023-11-29 20:16:42 -0800 |
|---|---|---|
| committer | Jakub Kicinski <kuba@kernel.org> | 2023-11-29 20:17:23 -0800 |
| commit | e35174263f2c671603e8ccc997a16334087b782c (patch) | |
| tree | 51ab8ee1bc85d5af40c50c6d6cbd84b5d0a9ce47 /include/net/tcp.h | |
| parent | f422544118cbdfc3bba7b7c5189e18147acb9047 (diff) | |
| parent | 8e7bab6b9652cd07a05ee0380b623c0e00e3eb00 (diff) | |
Merge branch 'clean-up-and-refactor-cookie_v46_check'
Kuniyuki Iwashima says:
====================
tcp: Clean up and refactor cookie_v[46]_check().
This is a preparation series for upcoming arbitrary SYN Cookie
support with BPF. [0]
There are slight differences between cookie_v[46]_check(). Such a
discrepancy caused an issue in the past, and BPF SYN Cookie support
will add more churn.
The primary purpose of this series is to clean up and refactor
cookie_v[46]_check() to minimise such discrepancies and make the
BPF series easier to review.
[0]: https://lore.kernel.org/netdev/20231121184245.69569-1-kuniyu@amazon.com/
v2: https://lore.kernel.org/netdev/20231125011638.72056-1-kuniyu@amazon.com/
v1: https://lore.kernel.org/netdev/20231123012521.62841-1-kuniyu@amazon.com/
====================
Link: https://lore.kernel.org/r/20231129022924.96156-1-kuniyu@amazon.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'include/net/tcp.h')
| -rw-r--r-- | include/net/tcp.h | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h index d2f0736b76b8..973555cb1d3f 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -490,13 +490,14 @@ void inet_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb); /* From syncookies.c */ struct sock *tcp_get_cookie_sock(struct sock *sk, struct sk_buff *skb, struct request_sock *req, - struct dst_entry *dst, u32 tsoff); -int __cookie_v4_check(const struct iphdr *iph, const struct tcphdr *th, - u32 cookie); + struct dst_entry *dst); +int __cookie_v4_check(const struct iphdr *iph, const struct tcphdr *th); struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb); struct request_sock *cookie_tcp_reqsk_alloc(const struct request_sock_ops *ops, - const struct tcp_request_sock_ops *af_ops, - struct sock *sk, struct sk_buff *skb); + struct sock *sk, struct sk_buff *skb, + struct tcp_options_received *tcp_opt, + int mss, u32 tsoff); + #ifdef CONFIG_SYN_COOKIES /* Syncookies use a monotonic timer which increments every 60 seconds. @@ -582,12 +583,15 @@ __u32 cookie_v4_init_sequence(const struct sk_buff *skb, __u16 *mss); u64 cookie_init_timestamp(struct request_sock *req, u64 now); bool cookie_timestamp_decode(const struct net *net, struct tcp_options_received *opt); -bool cookie_ecn_ok(const struct tcp_options_received *opt, - const struct net *net, const struct dst_entry *dst); + +static inline bool cookie_ecn_ok(const struct net *net, const struct dst_entry *dst) +{ + return READ_ONCE(net->ipv4.sysctl_tcp_ecn) || + dst_feature(dst, RTAX_FEATURE_ECN); +} /* From net/ipv6/syncookies.c */ -int __cookie_v6_check(const struct ipv6hdr *iph, const struct tcphdr *th, - u32 cookie); +int __cookie_v6_check(const struct ipv6hdr *iph, const struct tcphdr *th); struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb); u32 __cookie_v6_init_sequence(const struct ipv6hdr *iph, |