From: Pavel Emelyanov <xemul@parallels.com>
To: Linux Netdev List <netdev@vger.kernel.org>,
David Miller <davem@davemloft.net>
Subject: [PATCH net-next 0/3] TCP connection repair (v3)
Date: Wed, 28 Mar 2012 19:36:01 +0400 [thread overview]
Message-ID: <4F732FE1.9040906@parallels.com> (raw)
Hi!
Attempt #3 with transparent TCP connection hijacking
(previous one is here http://lists.openwall.net/netdev/2012/03/06/65).
Changes since v2:
* The CAP_NET_ADMIN is required to turn repair on, not CAP_SYS_ADMIN
* Changed read queue seq sockoption to work on the rcv_nxt, not the
copied_seq to address the issue with syn flag in the fake header
(see below).
* Resolved issues with syn and fin flags in fake headers.
Fin can and should be dropped. The repair mode is currently allowed
only for closed and established sockets and thus we cannot meet an
skb with this flag in the original socket (queuing fin to receive
queue switches the established state to the close-wait one).
Syn can also be dropped. This flag in the recv queue's skb means the
respective skb's seq is off-by-one relative to the actual amount of
data on it. Thus, removing the flag from fake skb and fixing the seq
respectively solves the issue.
However, in order to do so it's not enough to know the copied_seq and
recv queue length only (rcv_nxt should be copied_seq plus data length
plus "syn-is-there"). Thus, the rcv queue seq get/set sockoption is
changed to work on the rcv_nxt itself. IOW I emulate the situation
when the packet with data and syn is splitted into two -- a packet with
syn and a packet with data and the former one is already "eaten".
Thanks,
Pavel
next reply other threads:[~2012-03-28 15:36 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-28 15:36 Pavel Emelyanov [this message]
2012-03-28 15:36 ` [PATCH 1/3] tcp: Move code around Pavel Emelyanov
2012-03-28 15:37 ` [PATCH 2/3] tcp: Initial repair mode Pavel Emelyanov
2012-03-28 17:20 ` Glauber Costa
2012-03-29 9:52 ` Pavel Emelyanov
2012-03-28 20:39 ` Ben Hutchings
2012-03-29 9:53 ` Pavel Emelyanov
2012-03-28 15:38 ` [PATCH 3/3] tcp: Repair socket queues Pavel Emelyanov
2012-03-29 10:30 ` Li Yu
2012-03-29 10:36 ` Pavel Emelyanov
2012-03-29 10:41 ` Li Yu
2012-03-29 10:41 ` Li Yu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F732FE1.9040906@parallels.com \
--to=xemul@parallels.com \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.