d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b4b7eeb094
freebsd-skq/sys
History
andre b4b7eeb094 Refactor and rewrite in parts the SYN handling code on listen sockets 
in tcp_input():

 o tighten the checks on allowed TCP flags to be RFC793 and
   tcp-secure conform
 o log check failures to syslog at LOG_DEBUG level
 o rearrange the code flow to be easier to follow
 o add KASSERTs to validate assumptions of the code flow

Add sysctl net.inet.tcp.syncache.rst_on_sock_fail defaulting to enable
that controls the behavior on socket creation failure for a otherwise
successful 3-way handshake.  The socket creation can fail due to global
memory shortage, listen queue limits and file descriptor limits.  The
sysctl allows to chose between two options to deal with this.  One is
to send a reset to the other endpoint to notify it about the failure
(default).  The other one is to ignore and treat the failure as a
transient error and have the other endpoint retransmit for another try.

Reviewed by:	rwatson (in general)
2007-05-28 11:03:53 +00:00
..
amd64 Remove "XXX Giant" comments before calls to kdb_trap() -- the kernel 2007-05-27 19:16:45 +00:00
arm Search for a proper ucode image to use by incrementing the minor 2007-05-24 16:31:22 +00:00
boot Have the processor defer all faults and exceptions for control 2007-05-27 19:02:47 +00:00
bsm Change $P4$ ID strings to P4 ID strings so that they are not auto-expanded 2007-04-17 12:27:08 +00:00
cam Remove duplicate includes. 2007-05-23 13:36:02 +00:00
cddl Adjust va_mask for setattr. FreeBSD doesn't have va_mask, so we initialize it 2007-05-28 02:37:43 +00:00
coda Since renaming of vop_lock to _vop_lock, pre- and post-condition 2007-05-18 13:02:13 +00:00
compat There are too many false positive LORs reported by WITNESS, so when ZFS 2007-05-26 21:37:14 +00:00
conf (MFp4) 2007-05-25 09:48:20 +00:00
contrib Adjust va_mask for setattr. FreeBSD doesn't have va_mask, so we initialize it 2007-05-28 02:37:43 +00:00
crypto Integrate the Camellia Block Cipher. For more information see RFC 4132 2007-05-09 19:37:02 +00:00
ddb
dev We should better ignore a break on gdb port if gdb is not enabled. 2007-05-28 02:20:40 +00:00
fs Rather than entering the debugger via kdb_enter() when detecting memory 2007-05-27 13:12:36 +00:00
gdb
geom Fix a dereference in KASSERT. 2007-05-15 23:29:57 +00:00
gnu
i4b
i386 Eliminate an unused definition. 2007-05-27 20:34:26 +00:00
ia64 Eliminate an unused definition. 2007-05-27 20:34:26 +00:00
isa When trying to allocate a PnP BIOS memory resource, the code loops trying 2007-04-17 15:14:23 +00:00
kern Universally adopt most conventional spelling of acquire. 2007-05-27 20:50:23 +00:00
libkern strchr() and strrchr() are already present in the kernel, but with less 2007-04-10 21:42:12 +00:00
modules (MFp4) 2007-05-25 09:48:20 +00:00
net Some minor cleanups: 2007-05-22 16:17:31 +00:00
net80211 - Nuke unnecessary header. 2007-05-05 11:07:52 +00:00
netatalk Reduce network stack oddness: implement .pru_sockaddr and .pru_peeraddr 2007-05-11 10:20:51 +00:00
netatm
netgraph Universally adopt most conventional spelling of acquire. 2007-05-27 20:50:23 +00:00
netinet Refactor and rewrite in parts the SYN handling code on listen sockets 2007-05-28 11:03:53 +00:00
netinet6 do not directly call rtfree() to meet an assumption in the callee. 2007-05-25 06:44:00 +00:00
netipsec Integrate the Camellia Block Cipher. For more information see RFC 4132 2007-05-09 19:37:02 +00:00
netipx Use ANSI C function declarations throughout netipx. 2007-05-11 10:38:34 +00:00
netkey
netnatm s/destory/destroy/ (except for the code in contrib/). 2007-04-16 12:31:35 +00:00
netncp In ncp_conn_alloc(), a new credential pointer, 'owner', is set up to point 2007-05-27 17:14:33 +00:00
netsmb
nfs
nfs4client
nfsclient In nfs_down(), if rep can be NULL, which we test for, then we should 2007-05-18 19:34:54 +00:00
nfsserver Remove MAC Framework access control check entry points made redundant with 2007-04-22 15:31:22 +00:00
opencrypto Integrate the Camellia Block Cipher. For more information see RFC 4132 2007-05-09 19:37:02 +00:00
pc98 MFi386: revision 1.652 2007-05-21 11:57:36 +00:00
pccard
pci Implement assert() in ncr.c using KASSERT() rather than explicitly testing 2007-05-27 19:08:57 +00:00
powerpc Don't initialize the decrementer before initclocks() is called. 2007-05-27 21:05:35 +00:00
rpc Move rpc/types.h under sys/, as this is used by ZFS kernel module. 2007-04-10 22:10:16 +00:00
security No need to force __inline__ of currecord(), as the compiler will usefully 2007-05-23 09:32:30 +00:00
sparc64 Allow FreeBSD's native ELF image activators to execute shared libraries the 2007-05-22 02:22:58 +00:00
sun4v remove unneccessary curcpu reference in setting mmfsa 2007-05-25 01:55:51 +00:00
sys The cache_leaf_test() function seems to be unused, so remove it. 2007-05-25 22:16:17 +00:00
tools
ufs - Remove unnecessary vnode internal locking - v_vflag is protect by vnode's 2007-05-28 00:28:15 +00:00
vm Eliminate the reactivation of cached pages in vm_fault_prefault() and 2007-05-22 04:45:59 +00:00
Makefile o Add bsm and security to a list of cscope dirs. 2007-04-14 16:29:15 +00:00