[RFC PATCH v3 09/10] tcp: Check for filled TCP option space before SACK

Mat Martineau Wed, 09 Oct 2019 16:09:11 -0700

The SACK code would potentially add four bytes to the expected
TCP option size even if all option space was already used.


Signed-off-by: Mat Martineau <mathew.j.martin...@linux.intel.com>
---
 net/ipv4/tcp_output.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index 8469a109f0aa..512e521101e1 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -748,6 +748,9 @@ static unsigned int tcp_established_options(struct sock 
*sk, struct sk_buff *skb
                size += TCPOLEN_TSTAMP_ALIGNED;
        }
 
+       if (size + TCPOLEN_SACK_BASE_ALIGNED >= MAX_TCP_OPTION_SPACE)
+               return size;
+
        eff_sacks = tp->rx_opt.num_sacks + tp->rx_opt.dsack;
        if (unlikely(eff_sacks)) {
                const unsigned int remaining = MAX_TCP_OPTION_SPACE - size;
-- 
2.23.0

[RFC PATCH v3 09/10] tcp: Check for filled TCP option space before SACK

Reply via email to