| 2d70797b | 07-Sep-2019 |
Michael Tuexen <[email protected]> |
MFC r350404:
When performing after_idle() or post_recovery(), don't disable the DCTCP specific methods. Also fallthrough NewReno for non ECN capable TCP connections and improve the integer arithmeti
MFC r350404:
When performing after_idle() or post_recovery(), don't disable the DCTCP specific methods. Also fallthrough NewReno for non ECN capable TCP connections and improve the integer arithmetic.
Obtained from: Richard Scheffenegger Differential Revision: https://reviews.freebsd.org/D20550
show more ...
|
| 8fe95e9d | 18-Dec-2018 |
Brooks Davis <[email protected]> |
MFC r342125:
Fix bugs in plugable CC algorithm and siftr sysctls.
Use the sysctl_handle_int() handler to write out the old value and read the new value into a temporary variable. Use the temporary
MFC r342125:
Fix bugs in plugable CC algorithm and siftr sysctls.
Use the sysctl_handle_int() handler to write out the old value and read the new value into a temporary variable. Use the temporary variable for any checks of values rather than using the CAST_PTR_INT() macro on req->newptr. The prior usage read directly from userspace memory if the sysctl() was called correctly. This is unsafe and doesn't work at all on some architectures (at least i386.)
In some cases, the code could also be tricked into reading from kernel memory and leaking limited information about the contents or crashing the system. This was true for CDG, newreno, and siftr on all platforms and true for i386 in all cases. The impact of this bug is largest in VIMAGE jails which have been configured to allow writing to these sysctls.
Per discussion with the security officer, we will not be issuing an advisory for this issue as root access and a non-default config are required to be impacted.
Reviewed by: markj, bz Discussed with: gordon (security officer) Security: kernel information leak, local DoS (both require root) Differential Revision: https://reviews.freebsd.org/D18443
show more ...
|
| 4e7f7553 | 25-Oct-2016 |
Hiren Panchasara <[email protected]> |
FreeBSD tcp stack used to inform respective congestion control module about the loss event but not use or obay the recommendations i.e. values set by it in some cases.
Here is an attempt to solve th
FreeBSD tcp stack used to inform respective congestion control module about the loss event but not use or obay the recommendations i.e. values set by it in some cases.
Here is an attempt to solve that confusion by following relevant RFCs/drafts. Stack only sets congestion window/slow start threshold values when there is no CC module availalbe to take that action. All CC modules are inspected and updated when needed to take appropriate action on loss.
tcp_stacks/fastpath module has been updated to adapt these changes.
Note: Probably, the most significant change would be to not bring congestion window down to 1MSS on a loss signaled by 3-duplicate acks and letting respective CC decide that value.
In collaboration with: Matt Macy <mmacy at nextbsd dot org> Discussed on: transport@ mailing list Reviewed by: jtl MFC after: 1 month Sponsored by: Limelight Networks Differential Revision: https://reviews.freebsd.org/D8225
show more ...
|