diff options
| author | James Morris <jmorris@namei.org> | 2010-03-31 08:39:27 +1100 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2010-03-31 08:39:27 +1100 |
| commit | d25d6fa1a95f465ff1ec4458ca15e30b2c8dffec (patch) | |
| tree | 7362b182dedd825fc762ef7706830837e42943af /net/ipv4/tcp_ipv4.c | |
| parent | 225a9be24d799aa16d543c31fb09f0c9ed1d9caa (diff) | |
| parent | 2eaa9cfdf33b8d7fb7aff27792192e0019ae8fc6 (diff) | |
| download | kernel-crypto-d25d6fa1a95f465ff1ec4458ca15e30b2c8dffec.tar.gz kernel-crypto-d25d6fa1a95f465ff1ec4458ca15e30b2c8dffec.tar.xz kernel-crypto-d25d6fa1a95f465ff1ec4458ca15e30b2c8dffec.zip | |
Merge branch 'master' into next
Diffstat (limited to 'net/ipv4/tcp_ipv4.c')
| -rw-r--r-- | net/ipv4/tcp_ipv4.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index c3588b4fd97..f4df5f931f3 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -370,6 +370,11 @@ void tcp_v4_err(struct sk_buff *icmp_skb, u32 info) if (sk->sk_state == TCP_CLOSE) goto out; + if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) { + NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); + goto out; + } + icsk = inet_csk(sk); tp = tcp_sk(sk); seq = ntohl(th->seq); @@ -1651,13 +1656,15 @@ int tcp_v4_rcv(struct sk_buff *skb) if (!sk) goto no_tcp_socket; - if (iph->ttl < inet_sk(sk)->min_ttl) - goto discard_and_relse; - process: if (sk->sk_state == TCP_TIME_WAIT) goto do_time_wait; + if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) { + NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); + goto discard_and_relse; + } + if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb)) goto discard_and_relse; nf_reset(skb); @@ -1682,8 +1689,11 @@ process: if (!tcp_prequeue(sk, skb)) ret = tcp_v4_do_rcv(sk, skb); } - } else - sk_add_backlog(sk, skb); + } else if (unlikely(sk_add_backlog(sk, skb))) { + bh_unlock_sock(sk); + NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP); + goto discard_and_relse; + } bh_unlock_sock(sk); sock_put(sk); |