diff options
author | David Gibson <david@gibson.dropbear.id.au> | 2024-03-26 16:42:24 +1100 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2024-03-26 09:52:04 +0100 |
commit | 4988e2b406313c579836dc31867d793cfe77535c (patch) | |
tree | 811fbe1905875fd9a5f5a1fa76e8c91f7f71456e | |
parent | 5894a245b93f3c848c3a42d1c625eef3656b2eec (diff) | |
download | passt-4988e2b406313c579836dc31867d793cfe77535c.tar passt-4988e2b406313c579836dc31867d793cfe77535c.tar.gz passt-4988e2b406313c579836dc31867d793cfe77535c.tar.bz2 passt-4988e2b406313c579836dc31867d793cfe77535c.tar.lz passt-4988e2b406313c579836dc31867d793cfe77535c.tar.xz passt-4988e2b406313c579836dc31867d793cfe77535c.tar.zst passt-4988e2b406313c579836dc31867d793cfe77535c.zip |
tcp: Unconditionally force ACK for all !SYN, !RST packets2024_03_26.4988e2b
Currently we set ACK on flags packets only when the acknowledged byte
pointer has advanced, or we hadn't previously set a window. This means
in particular that we can send a window update with no ACK flag, which
doesn't appear to be correct. RFC 9293 requires a receiver to ignore such
a packet [0], and indeed it appears that every non-SYN, non-RST packet
should have the ACK flag.
The reason for the existing logic, rather than always forcing an ACK seems
to be to avoid having the packet mistaken as a duplicate ACK which might
trigger a fast retransmit. However, earlier tests in the function mean we
won't reach here if we don't have either an advance in the ack pointer -
which will already set the ACK flag, or a window update - which shouldn't
trigger a fast retransmit.
[0] https://www.ietf.org/rfc/rfc9293.html#section-3.10.7.4-2.5.2.1
Link: https://github.com/containers/podman/issues/22146
Link: https://bugs.passt.top/show_bug.cgi?id=84
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rw-r--r-- | tcp.c | 6 |
1 files changed, 1 insertions, 5 deletions
@@ -1593,8 +1593,6 @@ static void tcp_update_seqack_from_tap(const struct ctx *c, */ static int tcp_send_flag(struct ctx *c, struct tcp_tap_conn *conn, int flags) { - uint32_t prev_ack_to_tap = conn->seq_ack_to_tap; - uint32_t prev_wnd_to_tap = conn->wnd_to_tap; struct tcp4_l2_flags_buf_t *b4 = NULL; struct tcp6_l2_flags_buf_t *b6 = NULL; struct tcp_info tinfo = { 0 }; @@ -1675,9 +1673,7 @@ static int tcp_send_flag(struct ctx *c, struct tcp_tap_conn *conn, int flags) *data++ = OPT_WS_LEN; *data++ = conn->ws_to_tap; } else if (!(flags & RST)) { - if (conn->seq_ack_to_tap != prev_ack_to_tap || - !prev_wnd_to_tap) - flags |= ACK; + flags |= ACK; } th->doff = (sizeof(*th) + optlen) / 4; |