Algorithm modules can define their own private congestion signal types in the

top 8 bits of the 32 bit signal bit field space for internal use. These private
signals should not be leaked outside of a module.

Given that many algorithm modules use the NewReno hook functions to simplify
their implementation, the obvious place such a leak would show up is in the
NewReno cong_signal hook function.

- Show the full number of significant bits in the signal type definitions in
  <netinet/cc.h>.

- Add a bitmask to simplify figuring out if a given signal is in the private or
  public bit range.

- Add a sanity check in newreno_cong_signal() to ensure private signals are not
  being leaked into the hook function.

Sponsored by:	FreeBSD Foundation
Discussed with:	David Hayes <dahayes at swin edu au>
MFC after:	1 week
X-MFC with:	r215166
This commit is contained in:
Lawrence Stewart 2011-02-01 13:32:27 +00:00
parent 4a81e416d6
commit 03f0843bdb
2 changed files with 10 additions and 4 deletions

View File

@ -101,10 +101,12 @@ struct cc_var {
* bits (0x01000000 - 0x80000000) are reserved for CC algos to declare their own
* congestion signal types.
*/
#define CC_ECN 0x000001/* ECN marked packet received. */
#define CC_RTO 0x000002/* RTO fired. */
#define CC_RTO_ERR 0x000004/* RTO fired in error. */
#define CC_NDUPACK 0x000008/* Threshold of dupack's reached. */
#define CC_ECN 0x00000001 /* ECN marked packet received. */
#define CC_RTO 0x00000002 /* RTO fired. */
#define CC_RTO_ERR 0x00000004 /* RTO fired in error. */
#define CC_NDUPACK 0x00000008 /* Threshold of dupack's reached. */
#define CC_SIGPRIVMASK 0xFF000000 /* Mask to check if sig is private. */
/*
* Structure to hold data and function pointers that together represent a

View File

@ -182,6 +182,10 @@ newreno_cong_signal(struct cc_var *ccv, uint32_t type)
{
u_int win;
/* Catch algos which mistakenly leak private signal types. */
KASSERT((type & CC_SIGPRIVMASK) == 0,
("%s: congestion signal type 0x%08x is private\n", __func__, type));
win = max(CCV(ccv, snd_cwnd) / 2 / CCV(ccv, t_maxseg), 2) *
CCV(ccv, t_maxseg);