From nobody Sat Aug 03 23:06:32 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wbyxh5q3gz5RWGK for ; Sat, 03 Aug 2024 23:06:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wbyxh4mfTz4PDq for ; Sat, 3 Aug 2024 23:06:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722726392; a=rsa-sha256; cv=none; b=BZzc7f9l61YvGP5wLfO/7SowPeJhqB3qQS45diURbw5OEPzBpMOUTS73HuuGZhSd2aTmy/ F6T9cuTyaY0Q6csumsjUgUtLxQEYINiS/76j0RfH16izBsTnJrpW1Jxn6MLfysSCJPjyp+ hsltvCiByuNNsktTB7UpEymb7WUbRxtYb5rg6kS4rl4iX3lgvNv5sMoIbFjtTShV4I15E3 yN9MYNPnvMKPGtk9rfAyIXeq4nvq55zJYkJmZt4rkg6gmCWdZSuPaYLSRWVTspezUvsjJg k14ll9f4eZYwwz71oNHWm0lrowZpKkRandwasnl2Tf57pEdcpBkIYqUZJmKjpA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1722726392; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=4zdO22w+9nbj2Lut+h1o3ZuqHVRUOc/o9WEcl8yq4AE=; b=IPw8fmCLg6RAEWyVxBd6+7GdBDBSrg526//nPrW5QBvWZu7v6k0SCsSU/zJ7e4IEsZ83KS vg8QYZV38xuej5pnP9r8aNr7OItj7Q1zpmel2hTe99g6INTHlYshNyw9yxe0pRrE9u2+OV ICHx1b17qE/ej8YPIDScnHS30+oBg/cY2Iukg3t0hYzl4YqNiZIN0FuXcReYUdBkIdjGBh zG6pE2ry3wIeWxGePVytTJl0maawPvvhjblrjxQqrwSYYUG7lXNlkoBzSseSB8QxnoNxDC iBy5bq4KstOsK3ChNkzyasTbgOxxpnlgviODWqsldybEoYiHxFrwebmodezPKQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wbyxh4JCKzX5n for ; Sat, 3 Aug 2024 23:06:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 473N6WMa054214 for ; Sat, 3 Aug 2024 23:06:32 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 473N6WgK054213 for net@FreeBSD.org; Sat, 3 Aug 2024 23:06:32 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 250357] [tcp] RFC 5961 is not implemented completely Date: Sat, 03 Aug 2024 23:06:32 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: needs-qa X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: tuexen@freebsd.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D250357 --- Comment #6 from commit-hook@FreeBSD.org --- A commit in branch stable/14 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D1ce8cf6f7bdf5e9f8e497be5e3c54767f= a0a7cf8 commit 1ce8cf6f7bdf5e9f8e497be5e3c54767fa0a7cf8 Author: Michael Tuexen AuthorDate: 2024-07-21 09:37:35 +0000 Commit: Michael Tuexen CommitDate: 2024-08-03 23:05:13 +0000 tcp: improve SEG.ACK validation Implement the improved SEG.ACK validation described in RFC 5961. In addition to that, also detect ghost ACKs, which are ACKs for data that has never been sent. The additional checks are enabled by default, but can be disabled by setting the sysctl-variable net.inet.tcp.insecure_ack to a non-zero value. PR: 250357 Reviewed by: Peter Lei, rscheff (older version) Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D45894 (cherry picked from commit 646c28ea80cb0f9258386626297495b5a0e56db5) share/man/man4/tcp.4 | 5 ++++- sys/netinet/tcp_input.c | 44 +++++++++++++++++++++++++++++++++++++++= ++++ sys/netinet/tcp_stacks/bbr.c | 37 ++++++++++++++++++++++++++++++++++++ sys/netinet/tcp_stacks/rack.c | 39 ++++++++++++++++++++++++++++++++++++++ sys/netinet/tcp_var.h | 8 +++++++- usr.bin/netstat/inet.c | 8 ++++++-- 6 files changed, 137 insertions(+), 4 deletions(-) --=20 You are receiving this mail because: You are on the CC list for the bug.=