From mboxrd@z Thu Jan  1 00:00:00 1970
From: Greg KH <gregkh@linux-foundation.org>
Subject: Re: [PATCH stable 4.4 5/9] tcp: free batches of packets in
 tcp_prune_ofo_queue()
Date: Wed, 15 Aug 2018 15:25:09 +0200
Message-ID: <20180815132509.GH31330@kroah.com>
References: <1534339268-111834-1-git-send-email-maowenan@huawei.com>
 <1534339268-111834-6-git-send-email-maowenan@huawei.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: dwmw2@infradead.org, netdev@vger.kernel.org,
        eric.dumazet@gmail.com, edumazet@google.com, davem@davemloft.net,
        ycheng@google.com, jdw@amazon.de
To: Mao Wenan <maowenan@huawei.com>
Return-path: <netdev-owner@vger.kernel.org>
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:49899 "EHLO
        out1-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1729018AbeHOQRV (ORCPT
        <rfc822;netdev@vger.kernel.org>); Wed, 15 Aug 2018 12:17:21 -0400
Content-Disposition: inline
In-Reply-To: <1534339268-111834-6-git-send-email-maowenan@huawei.com>
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

On Wed, Aug 15, 2018 at 09:21:04PM +0800, Mao Wenan wrote:
> From: Eric Dumazet <edumazet@google.com>
> 
> Juha-Matti Tilli reported that malicious peers could inject tiny
> packets in out_of_order_queue, forcing very expensive calls
> to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for
> every incoming packet. out_of_order_queue rb-tree can contain
> thousands of nodes, iterating over all of them is not nice.
> 
> Before linux-4.9, we would have pruned all packets in ofo_queue
> in one go, every XXXX packets. XXXX depends on sk_rcvbuf and skbs
> truesize, but is about 7000 packets with tcp_rmem[2] default of 6 MB.
> 
> Since we plan to increase tcp_rmem[2] in the future to cope with
> modern BDP, can not revert to the old behavior, without great pain.
> 
> Strategy taken in this patch is to purge ~12.5 % of the queue capacity.
> 
> Fixes: 36a6503fedda ("tcp: refine tcp_prune_ofo_queue() to not drop all packets")
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Reported-by: Juha-Matti Tilli <juha-matti.tilli@iki.fi>
> Acked-by: Yuchung Cheng <ycheng@google.com>
> Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
> Signed-off-by: David S. Miller <davem@davemloft.net>
> Signed-off-by: root <root@localhost.localdomain>

root?

And commit id?

thanks,

greg k-h