Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp3376056pxb;
        Mon, 9 Nov 2020 09:31:41 -0800 (PST)
X-Google-Smtp-Source: ABdhPJyARXUMRIcpd9ld3wgd/Sk3PUrVK047F/PV+ZgkmWFh98qkq4emn81EyL+feOQosRne9juS
X-Received: by 2002:a17:907:c05:: with SMTP id ga5mr10919208ejc.212.1604943101449;
        Mon, 09 Nov 2020 09:31:41 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1604943101; cv=none;
        d=google.com; s=arc-20160816;
        b=0PIFqEeSIshj52OtiW/jx3qVWRHfaA85eQJqbYT0LKUaXOjJBkjYAdAd4/+vdV66U3
         Rkd9BPV9QNOk8jL/dr1S+iA4Zox/861WIiKlK7TWfRXf1LqL+H7hYxTfyBNn+jcRhaWJ
         XXH7yEpFU1EeQsoobQrJBaek34qGmK5NaHSQDsYQZxvbkqmKmL6nMrXLtyrIUrGRD6Tl
         kHNjroIGvvp3VhoVBtFdR6JeOmqDvqpvEo49MqnDl8n8AwgbQT5SwYPvwDBPxCHJqZFz
         AJSRVZSBc2Tj9BzFrhWI9WEdpjkp9Y1/t3ip0lZSdK0w46w27A8Njo+AQmN51O21Neui
         14Xg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=iS7wGl9RDeoaCYAmtEhoMmhifB7Bkd936j4hSXda9EQ=;
        b=f+AvxnsbV9td+Jpc2MPqpn1G3Mg0gPqj+WulHA2XW5Y8472oxHw0D9iJyOY23eDvUt
         ZPtRImoesBjRYIunN3ZP35ZjFTX1fjRyZn0/ALDnqH1zn+hn5xJnHZOP3FScxhS8VQ5n
         zoruHqO9UogTBlyF+LlHtNMsO1MH5uyvUluOyAOds51BDb8MQI3x/2mKKrv9YlgYpAW9
         b88qAaLbxAnObPhv+1dztsv8IQ5GOQvzGPyB/EGucyCotvJ1Yhc6AxPP5hN6oaO6xKPP
         iirR7OsmIC9XqF1eBpVfg6aaZHasfxyMg2stjrX+eEbZoLtXV/bQIWSMlfjbsbf8bMdd
         Tkig==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=qORLalHD;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id g18si7656912edq.53.2020.11.09.09.31.18;
        Mon, 09 Nov 2020 09:31:41 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=qORLalHD;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731800AbgKIR3J (ORCPT <rfc822;patchstalker@gmail.com>
        + 99 others); Mon, 9 Nov 2020 12:29:09 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34606 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1731172AbgKIR3G (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 9 Nov 2020 12:29:06 -0500
Received: from mail-io1-xd43.google.com (mail-io1-xd43.google.com [IPv6:2607:f8b0:4864:20::d43])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 145ECC0613D4
        for <linux-kernel@vger.kernel.org>; Mon,  9 Nov 2020 09:29:06 -0800 (PST)
Received: by mail-io1-xd43.google.com with SMTP id o11so10607677ioo.11
        for <linux-kernel@vger.kernel.org>; Mon, 09 Nov 2020 09:29:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=iS7wGl9RDeoaCYAmtEhoMmhifB7Bkd936j4hSXda9EQ=;
        b=qORLalHDW7LGVeTLFECbEXBBMT8mS1jyJOQ7Axna9Vlw0y963SK1p2R0JlsGhmfOK9
         8bgUaLFJYUNfcAvFyKnHovCj641LwmTqB6fCfJjil+/qDFOyBb6wlVRxGTwwew8ypGoR
         LMQFpHhxF5dwrr2ILH6vh1eQOjBomAkSxcUu/wjuB48B6SnZ/VAVB18n90Sl1IFZ8tEF
         YJK4Zxl435cMVsAjv/26doLLb6IH82kTuey6+N0STwu49m5fkh0CmibRmqKuc5lVOoBf
         tdhbaoNvTRJQlNWJMkRjjjr+pFroHaJTv7f4NamaIfBe247GhYhVMxqPiQjCiQ2TEOvF
         Qr8g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=iS7wGl9RDeoaCYAmtEhoMmhifB7Bkd936j4hSXda9EQ=;
        b=QlXGaSUK038S3e9zpCb7GaX09jDhw7uYQfTJJA4VQMqgzvUf2ohdZVUq+c/jbUVOkA
         mlrOYQXuQQQ1wg1WLgAtf8R0FfHdosA960OWAZ0A5spPZpAVBb62b1C60LVXWoAwPPTY
         1h3i9ZyyKX9QQbONFmnjhV5v48u07cZHHu2sjQbwpexLdfWsznwvHn8V9pVNz8/RBUwX
         OZXRDO/l5wtBI5IdOMVZdjA0nFcysnWyd95vbi+0Zm5cIVJKSbvKdnpsMTzonxMN2LQp
         oV+6chgCFcv+Ly7FX3nJbcFyBesKwFZd+gfdY6+5Yo3/Pm0C3ykCKf5apWAUYtiKoTGU
         RXJQ==
X-Gm-Message-State: AOAM533FPMqACd6l7bozx0+T9a5jXz8WE9Bcg0xBrFsVbQBO02q433nQ
        60KRAcCsbbGYIh6TBiqSVOFGykq0hpPFRjsdL7oNuA==
X-Received: by 2002:a02:7112:: with SMTP id n18mr11937162jac.34.1604942945017;
 Mon, 09 Nov 2020 09:29:05 -0800 (PST)
MIME-Version: 1.0
References: <CANn89iLVWFgDvkUygK8Sh_H7=qFmuZKo1h=aoq+F57J28r4EUA@mail.gmail.com>
 <1604942276-92635-1-git-send-email-wenan.mao@linux.alibaba.com>
In-Reply-To: <1604942276-92635-1-git-send-email-wenan.mao@linux.alibaba.com>
From:   Eric Dumazet <edumazet@google.com>
Date:   Mon, 9 Nov 2020 18:28:53 +0100
Message-ID: <CANn89i+ABLMJTEKat=9=qujNwe0BFavphzqYc1CQGtrdkwUnXg@mail.gmail.com>
Subject: Re: [PATCH net v4] net: Update window_clamp if SOCK_RCVBUF is set
To:     Mao Wenan <wenan.mao@linux.alibaba.com>
Cc:     David Miller <davem@davemloft.net>,
        Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>,
        Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
        Jakub Kicinski <kuba@kernel.org>,
        netdev <netdev@vger.kernel.org>,
        LKML <linux-kernel@vger.kernel.org>,
        kernel-janitors@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Nov 9, 2020 at 6:18 PM Mao Wenan <wenan.mao@linux.alibaba.com> wrote:
>
> When net.ipv4.tcp_syncookies=1 and syn flood is happened,
> cookie_v4_check or cookie_v6_check tries to redo what
> tcp_v4_send_synack or tcp_v6_send_synack did,
> rsk_window_clamp will be changed if SOCK_RCVBUF is set,
> which will make rcv_wscale is different, the client
> still operates with initial window scale and can overshot
> granted window, the client use the initial scale but local
> server use new scale to advertise window value, and session
> work abnormally.
>
> Fixes: e88c64f0a425 ("tcp: allow effective reduction of TCP's rcv-buffer via setsockopt")
> Signed-off-by: Mao Wenan <wenan.mao@linux.alibaba.com>
> ---
>  v4: change fixes tag format, and delay the actual call to
>  tcp_full_space().
>  v3: add local variable full_space, add fixes tag.
>  v2: fix for ipv6.
>  net/ipv4/syncookies.c | 8 +++++++-
>  net/ipv6/syncookies.c | 9 ++++++++-
>  2 files changed, 15 insertions(+), 2 deletions(-)
>
> diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
> index 6ac473b..8784e1f 100644
> --- a/net/ipv4/syncookies.c
> +++ b/net/ipv4/syncookies.c
> @@ -327,6 +327,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb)
>         struct inet_request_sock *ireq;
>         struct tcp_request_sock *treq;
>         struct tcp_sock *tp = tcp_sk(sk);
> +       int full_space;

SGTM. although you could have avoided adding a variable breaking the almost
correct reverse Christmas tree that some of us prefer.

Something like this would look better :

diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
index 6ac473b47f30d4d5e5e9455424b1a91d84e649ee..78af720f3e2c6dcdc7298178c5d2f02f0e425e04
100644
--- a/net/ipv4/syncookies.c
+++ b/net/ipv4/syncookies.c
@@ -331,7 +331,7 @@ struct sock *cookie_v4_check(struct sock *sk,
struct sk_buff *skb)
        __u32 cookie = ntohl(th->ack_seq) - 1;
        struct sock *ret = sk;
        struct request_sock *req;
-       int mss;
+       int full_space, mss;
        struct rtable *rt;
        __u8 rcv_wscale;
        struct flowi4 fl4;