freebsd-nq/sys/netinet
John Baldwin f701e30d7f Handle a rare edge case with nearly full TCP receive buffers. If a TCP
buffer fills up causing the remote sender to enter into persist mode, but
there is still room available in the receive buffer when a window probe
arrives (either due to window scaling, or due to the local application
very slowing draining data from the receive buffer), then the single byte
of data in the window probe is accepted.  However, this can cause rcv_nxt
to be greater than rcv_adv.  This condition will only last until the next
ACK packet is pushed out via tcp_output(), and since the previous ACK
advertised a zero window, the ACK should be pushed out while the TCP
pcb is write-locked.

During the window while rcv_nxt is greather than rcv_adv, a few places
would compute the remaining receive window via rcv_adv - rcv_nxt.
However, this value was then (uint32_t)-1.  On a 64 bit machine this
could expand to a positive 2^32 - 1 when cast to a long.  In particular,
when calculating the receive window in tcp_output(), the result would be
that the receive window was computed as 2^32 - 1 resulting in advertising
a far larger window to the remote peer than actually existed.

Fix various places that compute the remaining receive window to either
assert that it is not negative (i.e. rcv_nxt <= rcv_adv), or treat the
window as full if rcv_nxt is greather than rcv_adv.

Reviewed by:	bz
MFC after:	1 month
2011-05-02 21:05:52 +00:00
..
cc Staticize malloc types. 2011-04-13 11:28:46 +00:00
ipfw Use size_t for sopt_valsize. 2011-04-21 08:18:55 +00:00
khelp Use the full and proper company name for Swinburne University of Technology 2011-04-12 08:13:18 +00:00
libalias LibAliasInit() should allocate memory with M_WAITOK flag. Modify it 2011-04-18 20:07:08 +00:00
accf_data.c
accf_dns.c
accf_http.c
cc.h Use the full and proper company name for Swinburne University of Technology 2011-04-12 08:13:18 +00:00
icmp6.h MFP4: @176978-176982, 176984, 176990-176994, 177441 2010-04-29 11:52:42 +00:00
icmp_var.h Many network stack subsystems use a single global data structure to hold 2009-08-02 19:43:32 +00:00
if_atm.c Bring back (most of) NATM to avoid further bitrot after r186119. 2010-12-15 22:58:45 +00:00
if_atm.h
if_ether.c - Merge changes to the base system to support OFED. These include 2011-03-21 09:40:01 +00:00
if_ether.h Add arp_update_event. This replaces route_arp_update_event, which 2009-09-08 21:17:17 +00:00
igmp_var.h
igmp.c After some off-list discussion, revert a number of changes to the 2010-11-22 19:32:54 +00:00
igmp.h These are no longer referenced in the tree, so can be safely removed. 2009-06-10 18:12:15 +00:00
in_cksum.c
in_debug.c Add initial inet DDB support for show in_ifaddr and show sin commands which 2010-10-24 22:02:36 +00:00
in_gif.c MFP4: @176978-176982, 176984, 176990-176994, 177441 2010-04-29 11:52:42 +00:00
in_gif.h
in_mcast.c Fix a few issues related to the legacy 4.4 BSD multicast APIs. 2010-04-10 12:05:31 +00:00
in_pcb.c Make the PCB code compile without INET support by adding #ifdef INETs 2011-04-30 11:04:34 +00:00
in_pcb.h MFp4 CH=191470: 2011-04-20 08:00:29 +00:00
in_proto.c Be less strict on includes than in r220746. We need in.h for both 2011-04-25 16:36:16 +00:00
in_rmx.c After some off-list discussion, revert a number of changes to the 2010-11-22 19:32:54 +00:00
in_systm.h
in_var.h Remove unused VNET_SET() and related macros; only VNET_GET() is 2009-07-16 21:13:04 +00:00
in.c Reference ifaddr object before unlocking as it can be freed 2011-03-21 14:19:40 +00:00
in.h Make the RPC specific __rpc_inet_ntop() and __rpc_inet_pton() general 2010-09-24 15:01:45 +00:00
ip6.h Fix more continuous/contiguous typos (cf. r215955) 2010-11-27 21:51:39 +00:00
ip_carp.c Make various (pseudo) interfaces compile without INET in the kernel 2011-04-27 19:30:44 +00:00
ip_carp.h Unbreak LINT by moving all carp hooks to net/if.c / netinet/ip_carp.h, with 2010-08-11 20:18:19 +00:00
ip_divert.c Specify a CTLTYPE_FOO so that a future sysctl(8) change does not need 2011-01-18 21:14:13 +00:00
ip_divert.h Various cleanup done in ipfw3-head branch including: 2010-01-04 19:01:22 +00:00
ip_dummynet.h whitespace fixes (trailing whitespace, bad indentation 2010-04-19 16:17:30 +00:00
ip_ecn.c
ip_ecn.h
ip_encap.c (S)LIST_HEAD_INITIALIZER takes a (S)LIST_HEAD as an argument. 2009-12-28 22:56:30 +00:00
ip_encap.h
ip_fastfwd.c Use correct field to track statistics counting error as bad header length. 2010-12-05 01:09:48 +00:00
ip_fw.h - Rewrite functions that copyin/out NAT configuration, so that they 2011-04-19 15:06:33 +00:00
ip_gre.c The NetBSD Foundation has granted permission to remove clause 3 and 4 from 2010-03-01 17:05:46 +00:00
ip_gre.h The NetBSD Foundation has granted permission to remove clause 3 and 4 from 2010-03-01 17:05:46 +00:00
ip_icmp.c MfP4 CH=192029: 2011-04-27 19:36:35 +00:00
ip_icmp.h MFP4: @176978-176982, 176984, 176990-176994, 177441 2010-04-29 11:52:42 +00:00
ip_id.c
ip_input.c MfP4 CH=192004: 2011-04-27 19:32:27 +00:00
ip_ipsec.c After some off-list discussion, revert a number of changes to the 2010-11-22 19:32:54 +00:00
ip_ipsec.h Remove ifdefed out part of code, which seems to have originated a decade ago 2009-11-09 19:53:34 +00:00
ip_mroute.c After some off-list discussion, revert a number of changes to the 2010-11-22 19:32:54 +00:00
ip_mroute.h Virtualize the IPv4 multicast routing code. 2010-06-02 15:44:43 +00:00
ip_options.c Use ifa_ifwithaddr_check() rather than ifa_ifwithaddr() as we are not 2010-10-14 12:32:49 +00:00
ip_options.h
ip_output.c The mbuf_frag_size always was and is file local and not queried from base 2011-04-14 09:47:09 +00:00
ip_var.h MFp4 CH=191470: 2011-04-20 08:00:29 +00:00
ip.h use u_char instead of u_int for short bitfields. 2010-02-01 14:13:44 +00:00
pim_var.h Virtualize the IPv4 multicast routing code. 2010-06-02 15:44:43 +00:00
pim.h
raw_ip.c MfP4 CH=192004: 2011-04-27 19:32:27 +00:00
sctp_asconf.c Improve compilation of SCTP code without INET support. 2011-04-30 11:18:16 +00:00
sctp_asconf.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_auth.c 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_auth.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_bsd_addr.c Improve compilation of SCTP code without INET support. 2011-04-30 11:18:16 +00:00
sctp_bsd_addr.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_cc_functions.c Tunes and fixes the new DC-CC to seem to hit the 2011-03-08 11:58:25 +00:00
sctp_constants.h Tunes and fixes the new DC-CC to seem to hit the 2011-03-08 11:58:25 +00:00
sctp_crc32.c 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_crc32.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_dtrace_declare.h Tunes and fixes the new DC-CC to seem to hit the 2011-03-08 11:58:25 +00:00
sctp_dtrace_define.h Tunes and fixes the new DC-CC to seem to hit the 2011-03-08 11:58:25 +00:00
sctp_header.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_indata.c Tunes and fixes the new DC-CC to seem to hit the 2011-03-08 11:58:25 +00:00
sctp_indata.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_input.c Improve compilation of SCTP code without INET support. 2011-04-30 11:18:16 +00:00
sctp_input.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_lock_bsd.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_os_bsd.h Remove some leftover debug code. 2011-04-30 11:22:30 +00:00
sctp_os.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_output.c Improve compilation of SCTP code without INET support. 2011-04-30 11:18:16 +00:00
sctp_output.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_pcb.c Improve compilation of SCTP code without INET support. 2011-04-30 11:18:16 +00:00
sctp_pcb.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_peeloff.c Mfp4 CH=177274,177280,177284-177285,177297,177324-177325 2011-02-16 21:29:13 +00:00
sctp_peeloff.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_ss_functions.c Fix several bugs related to stream scheduling. 2011-02-13 13:53:28 +00:00
sctp_structs.h Tunes and fixes the new DC-CC to seem to hit the 2011-03-08 11:58:25 +00:00
sctp_sysctl.c Improve compilation of SCTP code without INET support. 2011-04-30 11:18:16 +00:00
sctp_sysctl.h Tunes and fixes the new DC-CC to seem to hit the 2011-03-08 11:58:25 +00:00
sctp_timer.c Tunes and fixes the new DC-CC to seem to hit the 2011-03-08 11:58:25 +00:00
sctp_timer.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_uio.h Improvements to CC modules: 2011-02-26 15:23:46 +00:00
sctp_usrreq.c Improve compilation of SCTP code without INET support. 2011-04-30 11:18:16 +00:00
sctp_var.h Improve compilation of SCTP code without INET support. 2011-04-30 11:18:16 +00:00
sctp.h Tunes and fixes the new DC-CC to seem to hit the 2011-03-08 11:58:25 +00:00
sctputil.c Some more cleanups related to an kernel without INET. 2011-05-02 15:53:00 +00:00
sctputil.h Some more cleanups related to an kernel without INET. 2011-05-02 15:53:00 +00:00
siftr.c Staticize malloc types. 2011-04-13 11:28:46 +00:00
tcp_debug.c Remove the "The option TCPDEBUG requires option INET." requirement. 2009-06-10 10:39:41 +00:00
tcp_debug.h
tcp_fsm.h
tcp_hostcache.c sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:53:50 +00:00
tcp_hostcache.h
tcp_input.c Handle a rare edge case with nearly full TCP receive buffers. If a TCP 2011-05-02 21:05:52 +00:00
tcp_lro.c Port of the LRO fix from mxge driver to the generic 2011-04-07 21:20:26 +00:00
tcp_lro.h Trim extra spaces before tabs. 2011-01-07 21:40:34 +00:00
tcp_offload.c Merge the remainder of kern_vimage.c and vimage.h into vnet.c and 2009-08-01 19:26:27 +00:00
tcp_offload.h Fix typos - remove duplicate "the". 2011-02-21 09:01:34 +00:00
tcp_output.c Handle a rare edge case with nearly full TCP receive buffers. If a TCP 2011-05-02 21:05:52 +00:00
tcp_reass.c Specify a CTLTYPE_FOO so that a future sysctl(8) change does not need 2011-01-18 21:14:13 +00:00
tcp_sack.c Covers values if (BYTES_THIS_ACK(tp, th) / tp->t_maxseg) value is from 2011-03-28 19:03:56 +00:00
tcp_seq.h
tcp_subr.c Make the TCP code compile without INET. Sort #includes and add #ifdef INETs. 2011-04-30 11:21:29 +00:00
tcp_syncache.c Make the TCP code compile without INET. Sort #includes and add #ifdef INETs. 2011-04-30 11:21:29 +00:00
tcp_syncache.h Trim extra spaces before tabs. 2011-01-07 21:40:34 +00:00
tcp_timer.c TCP reuses t_rxtshift to determine the backoff timer used for both the 2011-04-29 15:40:12 +00:00
tcp_timer.h Remove the TCP inflight bandwidth limiter as announced in r211315 2010-09-16 21:06:45 +00:00
tcp_timewait.c Handle a rare edge case with nearly full TCP receive buffers. If a TCP 2011-05-02 21:05:52 +00:00
tcp_usrreq.c Make the TCP code compile without INET. Sort #includes and add #ifdef INETs. 2011-04-30 11:21:29 +00:00
tcp_var.h TCP reuses t_rxtshift to determine the backoff timer used for both the 2011-04-29 15:40:12 +00:00
tcp.h Add new, per connection, statistics for TCP, including: 2010-11-17 18:55:12 +00:00
tcpip.h
toedev.h
udp_usrreq.c Make the UDP code compile without INET. Expose udp_usrreq.c to IPv6 only 2011-04-30 11:17:00 +00:00
udp_var.h Trim extra spaces before tabs. 2011-01-07 21:40:34 +00:00
udp.h Trim extra spaces before tabs. 2011-01-07 21:40:34 +00:00