diff options
author | Eric Dumazet <edumazet@google.com> | 2015-10-20 23:17:40 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2015-10-22 16:22:13 +0300 |
commit | dbf650b67bb4db1b95807d2aafe2d7cfafd458da (patch) | |
tree | 1fa9fdca8c6f9380fd711cf2aa77fd48483ecd6e | |
parent | e2aacd963a06fc558a809ecb62f5833e6c340b28 (diff) | |
download | linux-dbf650b67bb4db1b95807d2aafe2d7cfafd458da.tar.xz |
tcp: fastopen: limit max_qlen
Allowing an application to set whatever limit for
the list of recently RST fastopen sessions [1] is not wise,
as it open ways to deplete kernel memory.
Cap the user provided limit by somaxconn sysctl,
like listen() backlog.
[1] https://tools.ietf.org/html/rfc7413#section-5.1
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | include/linux/tcp.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/include/linux/tcp.h b/include/linux/tcp.h index 5dce9705fe84..c906f4534581 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h @@ -392,8 +392,9 @@ static inline bool tcp_passive_fastopen(const struct sock *sk) static inline void fastopen_queue_tune(struct sock *sk, int backlog) { struct request_sock_queue *queue = &inet_csk(sk)->icsk_accept_queue; + int somaxconn = READ_ONCE(sock_net(sk)->core.sysctl_somaxconn); - queue->fastopenq.max_qlen = backlog; + queue->fastopenq.max_qlen = min_t(unsigned int, backlog, somaxconn); } static inline void tcp_saved_syn_free(struct tcp_sock *tp) |