From: Andrey Dmitrov <andrey.dmitrov@oktetlabs.ru>
To: Yuchung Cheng <ycheng@google.com>,
Hannes Frederic Sowa <hannes@stressinduktion.org>
Cc: netdev <netdev@vger.kernel.org>,
"Alexandra N. Kossovsky" <Alexandra.Kossovsky@oktetlabs.ru>,
Konstantin Ushakov <kostik@oktetlabs.ru>
Subject: Re: TCP connection will hang in FIN_WAIT1 after closing if zero window is advertised
Date: Tue, 16 Sep 2014 16:49:07 +0400 [thread overview]
Message-ID: <541831C3.9020705@oktetlabs.ru> (raw)
In-Reply-To: <CAK6E8=fQOA7Mav=a0NJxozAv-AHUV8vcsy+uMJVcH+6zcOE5=A@mail.gmail.com>
On 16/09/14 03:37, Yuchung Cheng wrote:
> I think the vulnerability comes from the peer/attacker actually
> responds to the probes to evade the orphan counts or memory checks in
> tcp_probe_timer(). This is a gray area of being legit but suspiciously
> mis-behaving?
> maybe have socket option TCP_USER_TIMEOUT for apps to cover conditions
> like these.
Yuchung,
I've tried to use socket option TCP_USER_TIMEOUT, but unfortunately it
does not help here. I think it is because all packets get their
acknowledges.
To everybody,
As I understand there is a sensitive difference in the connection
behavior when the zero window is advertised. In this case there is no
warranty that after socket closing the connection will be actually
closed in a finite time. And probably this cannot be regulated at the
moment. On the other hand if the zero window was not advertised, user
can be sure that the connection is closed in a finite time despite on
any peer actions. Moreover user can configure this time with the
corresponding timeouts. I.e. a user has a lot of options to configure
different timeouts, but in fact despite on his actions he has no
guarantee that the connection will be closed at all.
Thanks,
Andrey
next prev parent reply other threads:[~2014-09-16 12:49 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-15 16:11 TCP connection will hang in FIN_WAIT1 after closing if zero window is advertised Andrey Dmitrov
2014-09-15 19:43 ` Neal Cardwell
2014-09-16 9:29 ` Andrey Dmitrov
2014-09-15 23:15 ` Hannes Frederic Sowa
2014-09-15 23:37 ` Yuchung Cheng
2014-09-16 12:49 ` Andrey Dmitrov [this message]
2014-09-16 1:50 ` Eric Dumazet
2014-09-16 8:37 ` Hannes Frederic Sowa
2014-09-16 12:47 ` Andrey Dmitrov
2014-09-16 13:09 ` Eric Dumazet
2014-09-16 14:08 ` Andrey Dmitrov
2014-09-16 15:11 ` Yuchung Cheng
2014-09-16 16:31 ` Neal Cardwell
2014-09-16 17:04 ` Eric Dumazet
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=541831C3.9020705@oktetlabs.ru \
--to=andrey.dmitrov@oktetlabs.ru \
--cc=Alexandra.Kossovsky@oktetlabs.ru \
--cc=hannes@stressinduktion.org \
--cc=kostik@oktetlabs.ru \
--cc=netdev@vger.kernel.org \
--cc=ycheng@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).