d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
07d397d746
freebsd-nq/sys/netinet6
History
Jonathan T. Looney 2ceeacbe71 Lower the default limits on the IPv6 reassembly queue. 
Currently, the limits are quite high. On machines with millions of
mbuf clusters, the reassembly queue limits can also run into
the millions. Lower these values.

Also, try to ensure that no bucket will have a reassembly
queue larger than approximately 100 items. This limits the cost to
find the correct reassembly queue when processing an incoming
fragment.

Due to the low limits on each bucket's length, increase the size of
the hash table from 64 to 1024.

Reviewed by:	jhb
Security:	FreeBSD-SA-18:10.ip
Security:	CVE-2018-6923
2018-08-14 17:32:07 +00:00
..
dest6.c
frag6.c Lower the default limits on the IPv6 reassembly queue. 2018-08-14 17:32:07 +00:00
icmp6.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
icmp6.h
in6_cksum.c
in6_fib.c Switch RIB and RADIX_NODE_HEAD lock from rwlock(9) to rmlock(9). 2018-06-16 08:26:23 +00:00
in6_fib.h
in6_gif.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
in6_ifattach.c Remove stale comment. in6_ifdetach() can be called from places 2018-06-14 09:29:39 +00:00
in6_ifattach.h
in6_jail.c
in6_mcast.c [ppc] Fix kernel panic when using BOOTP_NFSROOT 2018-08-09 14:04:51 +00:00
in6_pcb.c in6_pcblookup_hash: validate inp for liveness 2018-07-01 01:01:59 +00:00
in6_pcb.h
in6_pcbgroup.c
in6_proto.c Implement a limit on on the number of IPv6 reassembly queues per bucket. 2018-08-14 17:27:41 +00:00
in6_rmx.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
in6_rss.c
in6_rss.h
in6_src.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
in6_var.h CK: update consumers to use CK macros across the board 2018-05-24 23:21:23 +00:00
in6.c Move invoking of callout_stop(&lle->lle_timer) into llentry_free(). 2018-07-17 11:33:23 +00:00
in6.h Implement a limit on on the number of IPv6 reassembly queues per bucket. 2018-08-14 17:27:41 +00:00
ip6_ecn.h
ip6_fastfwd.c
ip6_forward.c
ip6_gre.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
ip6_id.c
ip6_input.c Restore ability to send ICMP and ICMPv6 redirects. 2018-08-14 07:54:14 +00:00
ip6_mroute.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
ip6_mroute.h
ip6_output.c acquire inp lock around ip6_pcbopt to fix IPV6_TCLASS panic 2018-07-15 00:47:06 +00:00
ip6_var.h Implement a limit on on the number of IPv6 reassembly queues per bucket. 2018-08-14 17:27:41 +00:00
ip6.h
ip6protosw.h
ip_fw_nat64.h
ip_fw_nptv6.h
mld6_var.h
mld6.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
mld6.h
nd6_nbr.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
nd6_rtr.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
nd6.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
nd6.h
pim6_var.h Rework IP encapsulation handling code. 2018-06-05 20:51:01 +00:00
pim6.h
raw_ip6.c epoch(9): allow preemptible epochs to compose 2018-07-04 02:47:16 +00:00
raw_ip6.h
route6.c
scope6_var.h Constify argument of in6_getscope(). 2018-06-05 20:54:29 +00:00
scope6.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
sctp6_usrreq.c Use a macro to set the assoc state. I missed this in r337706. 2018-08-14 08:33:47 +00:00
sctp6_var.h Whitespace changes due to changes in ident. 2018-07-19 20:16:33 +00:00
send.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
send.h
tcp6_var.h
udp6_usrreq.c Add a dtrace provider for UDP-Lite. 2018-07-31 22:56:03 +00:00
udp6_var.h