Message ID | 20190827234622.76209-1-ppenkov.kernel@gmail.com |
---|---|
State | Accepted |
Delegated to: | BPF Maintainers |
Headers | show |
Series | [bpf-next] bpf: fix error check in bpf_tcp_gen_syncookie | expand |
On Tue, Aug 27, 2019 at 4:46 PM Petar Penkov <ppenkov.kernel@gmail.com> wrote: > > From: Petar Penkov <ppenkov@google.com> > > If a SYN cookie is not issued by tcp_v#_gen_syncookie, then the return > value will be exactly 0, rather than <= 0. Let's change the check to > reflect that, especially since mss is an unsigned value and cannot be > negative. > > Fixes: 70d66244317e ("bpf: add bpf_tcp_gen_syncookie helper") > Reported-by: Stanislav Fomichev <sdf@google.com> > Signed-off-by: Petar Penkov <ppenkov@google.com> Acked-by: Song Liu <songliubraving@fb.com>
On 8/28/19 1:46 AM, Petar Penkov wrote: > From: Petar Penkov <ppenkov@google.com> > > If a SYN cookie is not issued by tcp_v#_gen_syncookie, then the return > value will be exactly 0, rather than <= 0. Let's change the check to > reflect that, especially since mss is an unsigned value and cannot be > negative. > > Fixes: 70d66244317e ("bpf: add bpf_tcp_gen_syncookie helper") > Reported-by: Stanislav Fomichev <sdf@google.com> > Signed-off-by: Petar Penkov <ppenkov@google.com> Applied, thanks!
diff --git a/net/core/filter.c b/net/core/filter.c index 0c1059cdad3d..17bc9af8f156 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -5903,7 +5903,7 @@ BPF_CALL_5(bpf_tcp_gen_syncookie, struct sock *, sk, void *, iph, u32, iph_len, default: return -EPROTONOSUPPORT; } - if (mss <= 0) + if (mss == 0) return -ENOENT; return cookie | ((u64)mss << 32);