From nobody Sun Jul 21 18:44:12 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WRsl20Kjpz5QGXR for ; Sun, 21 Jul 2024 18:44:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WRsl16NlSz42xx for ; Sun, 21 Jul 2024 18:44:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1721587453; a=rsa-sha256; cv=none; b=qYPJvZn2AKL8hreZ7UQhLDA/g+pKE2GWsKexWkiLKvWmnA0S65ra+P1GNvVPkKuTkmKg1D QyuWk1282HO3ZvRdcU1pSkuHrVpi7R8kjDbDsMW4iAErA3KhcBOMgm4OvPxxXcj34hP3NO NPurlqxxxY/Or+ebW9tRHOatWAtQ8WZlHXugzbRBusygH6N7DMS4eyZsPDK2Hv8OsQNHUQ tUY6ZgDM7NL6V6ftCq5c16b+k87q1l0F1mDQJLspW3TcQgQJjqzb4EEMpn3eSBJlgki1Xt nSTA2GeLdvscbx4GzCFsazwZB/biRXNbD0TE1VJ+ZQcmFH0DB7uJhIqG8LlPCA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1721587453; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=tVbANujM/cym6BPD0b7GrTVhaolYMSortddoHCw+Oak=; b=o3IgLlGgkESuXsP2gRXxcY/G9RBAPGOXq00rwzrUoOGhzn+WnP1MvUuNkMSRAtnHFhTxP0 Jx5awc9vWJsbVqZB9UjUXfSLwgUjhSHAQdnAhhptB9YfRaTu+VCTQV4O5YAoKr03KNZR7j +Eo4yazFmhgjKjDhhCEjd8lEHkKGcy3m0v855ClVva1Y6NuZqK94NsRL+rxoga4R8/4VFW OiOE9mwN8miO82Zxu2UU5OVMJYKbooNvXxOyJilH+NJ0hM+VTJvh8NdMG9EE0lTL5t9xQe AVTeIFrB3dzkA7pjQdix61ru/fW/dVP6YyPQn3kuGAKi7AEw4KpYqwhEeA1u0g== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WRsl160XFz1BSW for ; Sun, 21 Jul 2024 18:44:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 46LIiDvq061231 for ; Sun, 21 Jul 2024 18:44:13 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 46LIiDSs061230 for net@FreeBSD.org; Sun, 21 Jul 2024 18:44:13 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 250357] [tcp] RFC 5961 is not implemented completely Date: Sun, 21 Jul 2024 18:44:12 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: needs-qa X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: tuexen@freebsd.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D250357 --- Comment #5 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D646c28ea80cb0f9258386626297495b5a= 0e56db5 commit 646c28ea80cb0f9258386626297495b5a0e56db5 Author: Michael Tuexen AuthorDate: 2024-07-21 09:37:35 +0000 Commit: Michael Tuexen CommitDate: 2024-07-21 09:37:35 +0000 tcp: improve SEG.ACK validation Implement the improved SEG.ACK validation described in RFC 5961. In addition to that, also detect ghost ACKs, which are ACKs for data that has never been sent. The additional checks are enabled by default, but can be disabled by setting the sysctl-variable net.inet.tcp.insecure_ack to a non-zero value. PR: 250357 Reviewed by: Peter Lei, rscheff (older version) MFC after: 1 week Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D45894 share/man/man4/tcp.4 | 5 ++++- sys/netinet/in_kdtrace.c | 2 ++ sys/netinet/in_kdtrace.h | 3 +++ sys/netinet/tcp_input.c | 44 +++++++++++++++++++++++++++++++++++++++= ++++ sys/netinet/tcp_stacks/bbr.c | 37 ++++++++++++++++++++++++++++++++++++ sys/netinet/tcp_stacks/rack.c | 39 ++++++++++++++++++++++++++++++++++++++ sys/netinet/tcp_var.h | 9 ++++++++- usr.bin/netstat/inet.c | 8 ++++++-- 8 files changed, 143 insertions(+), 4 deletions(-) --=20 You are receiving this mail because: You are on the CC list for the bug.=