linux/net/ipv4
Herbert Xu 2ad41065d9 [TCP]: Clear stale pred_flags when snd_wnd changes
This bug is responsible for causing the infamous "Treason uncloaked"
messages that's been popping up everywhere since the printk was added.
It has usually been blamed on foreign operating systems.  However,
some of those reports implicate Linux as both systems are running
Linux or the TCP connection is going across the loopback interface.

In fact, there really is a bug in the Linux TCP header prediction code
that's been there since at least 2.1.8.  This bug was tracked down with
help from Dale Blount.

The effect of this bug ranges from harmless "Treason uncloaked"
messages to hung/aborted TCP connections.  The details of the bug
and fix is as follows.

When snd_wnd is updated, we only update pred_flags if
tcp_fast_path_check succeeds.  When it fails (for example,
when our rcvbuf is used up), we will leave pred_flags with
an out-of-date snd_wnd value.

When the out-of-date pred_flags happens to match the next incoming
packet we will again hit the fast path and use the current snd_wnd
which will be wrong.

In the case of the treason messages, it just happens that the snd_wnd
cached in pred_flags is zero while tp->snd_wnd is non-zero.  Therefore
when a zero-window packet comes in we incorrectly conclude that the
window is non-zero.

In fact if the peer continues to send us zero-window pure ACKs we
will continue making the same mistake.  It's only when the peer
transmits a zero-window packet with data attached that we get a
chance to snap out of it.  This is what triggers the treason
message at the next retransmit timeout.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2005-10-27 15:11:04 -02:00
..
ipvs [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
netfilter [NETFILTER]: Fix OOPSes on machines with discontiguous cpu numbering. 2005-10-13 14:41:23 -07:00
af_inet.c [IPV4] fib_trie: fix proc interface 2005-09-09 13:35:42 -07:00
ah4.c [CRYPTO]: crypto_free_tfm() callers no longer need to check for NULL 2005-09-01 17:44:29 -07:00
arp.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
datagram.c [NET]: Fix sparse warnings 2005-08-29 16:01:32 -07:00
devinet.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
esp4.c [IPSEC] Fix block size/MTU bugs in ESP 2005-10-10 21:11:34 -07:00
fib_frontend.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
fib_hash.c [NET]: use __read_mostly on kmem_cache_t , DEFINE_SNMP_STAT pointers 2005-08-29 16:11:18 -07:00
fib_lookup.h [IPV4]: Prepare FIB core for RCU. 2005-08-29 16:08:31 -07:00
fib_rules.c [NETLINK]: Correctly set NLM_F_MULTI without checking the pid 2005-06-18 22:54:12 -07:00
fib_semantics.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
fib_trie.c [IPV4]: fib_trie root-node expansion 2005-10-04 13:01:58 -07:00
icmp.c [IPV4]: Update icmp sysctl docs and disable broadcast ECHO/TIMESTAMP by default 2005-10-03 16:07:30 -07:00
igmp.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
inet_connection_sock.c [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
inet_diag.c [NETLINK]: Add "groups" argument to netlink_kernel_create 2005-08-29 16:01:11 -07:00
inet_hashtables.c [NET]: Introduce inet_connection_sock 2005-08-29 15:43:19 -07:00
inet_timewait_sock.c [TWSK]: Grab the module refcount for timewait sockets 2005-10-10 21:25:23 -07:00
inetpeer.c [PATCH] timer initialization cleanup: DEFINE_TIMER 2005-09-09 14:03:48 -07:00
ip_forward.c [IPV4]: Remove some dead code from ip_forward() 2005-08-29 16:03:06 -07:00
ip_fragment.c [IPV4]: Reassembly trim not clearing CHECKSUM_HW 2005-09-06 15:51:48 -07:00
ip_gre.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
ip_input.c [NET]: use __read_mostly on kmem_cache_t , DEFINE_SNMP_STAT pointers 2005-08-29 16:11:18 -07:00
ip_options.c [IP]: Introduce ip_options_get_from_user 2005-08-29 16:01:39 -07:00
ip_output.c [SK_BUFF]: ipvs_property field must be copied 2005-10-22 17:06:01 -02:00
ip_sockglue.c [IP]: Introduce ip_options_get_from_user 2005-08-29 16:01:39 -07:00
ipcomp.c [CRYPTO]: crypto_free_tfm() callers no longer need to check for NULL 2005-09-01 17:44:29 -07:00
ipconfig.c [NET]: fix-up schedule_timeout() usage 2005-09-12 14:15:34 -07:00
ipip.c [NET]: fix oops after tunnel module unload 2005-07-30 17:46:44 -07:00
ipmr.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
Kconfig [INET_DIAG]: Move the tcp_diag interface to the proper place 2005-08-29 15:57:54 -07:00
Makefile [INET_DIAG]: Move the tcp_diag interface to the proper place 2005-08-29 15:57:54 -07:00
multipath_drr.c [IPV4]: possible cleanups 2005-08-29 15:33:20 -07:00
multipath_random.c [IPV4]: Multipath modules need a license to prevent kernel tainting. 2005-06-13 14:29:06 -07:00
multipath_rr.c [IPV4]: Multipath modules need a license to prevent kernel tainting. 2005-06-13 14:29:06 -07:00
multipath_wrandom.c [IPV4]: Multipath modules need a license to prevent kernel tainting. 2005-06-13 14:29:06 -07:00
multipath.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
netfilter.c [NETFILTER]: Move reroute-after-queue code up to the nf_queue layer. 2005-08-29 15:36:19 -07:00
proc.c [NET]: Fix sparse warnings 2005-08-29 16:01:32 -07:00
protocol.c [TCP]: Move the tcp sock states to net/tcp_states.h 2005-08-29 15:41:54 -07:00
raw.c [PATCH] raw_sendmsg DoS on 2.6 2005-09-19 18:45:42 -07:00
route.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
syncookies.c [NET]: Fix sparse warnings 2005-08-29 16:01:32 -07:00
sysctl_net_ipv4.c [NET]: Fix sparse warnings 2005-08-29 16:01:32 -07:00
tcp_bic.c [TCP]: BIC coding bug in Linux 2.6.13 2005-10-05 12:09:31 -07:00
tcp_cong.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_diag.c [INET_DIAG]: Move the tcp_diag interface to the proper place 2005-08-29 15:57:54 -07:00
tcp_highspeed.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_htcp.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_hybla.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_input.c [TCP]: Clear stale pred_flags when snd_wnd changes 2005-10-27 15:11:04 -02:00
tcp_ipv4.c [INET]: speedup inet (tcp/dccp) lookups 2005-10-03 14:13:38 -07:00
tcp_minisocks.c [TCP]: Set default congestion control correctly for incoming connections. 2005-09-21 00:19:46 -07:00
tcp_output.c [TCP] Allow len == skb->len in tcp_fragment 2005-10-20 17:13:13 -02:00
tcp_scalable.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_timer.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_vegas.c [INET_DIAG]: Rename tcp_diag.[ch] to inet_diag.[ch] 2005-08-29 15:57:48 -07:00
tcp_westwood.c [INET_DIAG]: Rename tcp_diag.[ch] to inet_diag.[ch] 2005-08-29 15:57:48 -07:00
tcp.c [TCP]: Fix TCP_OFF() bug check introduced by previous change. 2005-09-05 18:55:48 -07:00
udp.c [IPV4] udp: trim forgets about CHECKSUM_HW 2005-09-08 12:32:21 -07:00
xfrm4_input.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
xfrm4_output.c [IPSEC]: Add XFRM_STATE_NOPMTUDISC flag 2005-06-20 13:21:43 -07:00
xfrm4_policy.c [IPSEC]: Store idev entries 2005-05-03 16:27:10 -07:00
xfrm4_state.c [IPV4]: possible cleanups 2005-08-29 15:33:20 -07:00
xfrm4_tunnel.c [NET]: Make ipip/ip6_tunnel independant of XFRM 2005-07-19 14:03:34 -07:00