git: b7b48ba8420f - stable/14 - tcp: keep SYN-cache entry when sending of challenge ACK fails

Sun, 05 Oct 2025 08:46:47 -0700 

The branch stable/14 has been updated by tuexen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=b7b48ba8420f6203ac7165b6b07c62929bb759e8

commit b7b48ba8420f6203ac7165b6b07c62929bb759e8
Author:     Michael Tuexen <tue...@freebsd.org>
AuthorDate: 2025-10-02 06:57:14 +0000
Commit:     Michael Tuexen <tue...@freebsd.org>
CommitDate: 2025-10-05 13:19:37 +0000

    tcp: keep SYN-cache entry when sending of challenge ACK fails
    
    Don't drop a SYN-cache entry just because a challenge ACK couldn't
    be sent. This might only be a temporary failure.
    
    Reviewed by:            Nick Banks, glebius, jtl
    Sponsored by:           Netflix, Inc.
    Differential Revision:  https://reviews.freebsd.org/D52840
    
    (cherry picked from commit 7841b44f8491d69c75207d0f3a1eb34501d99edd)
---
 sys/netinet/tcp_syncache.c | 17 ++++-------------
 1 file changed, 4 insertions(+), 13 deletions(-)

diff --git a/sys/netinet/tcp_syncache.c b/sys/netinet/tcp_syncache.c
index 012240f46ffb..ce2ab29f4008 100644
--- a/sys/netinet/tcp_syncache.c
+++ b/sys/netinet/tcp_syncache.c
@@ -130,7 +130,7 @@ static void  syncache_drop(struct syncache *, struct 
syncache_head *);
 static void     syncache_free(struct syncache *);
 static void     syncache_insert(struct syncache *, struct syncache_head *);
 static int      syncache_respond(struct syncache *, const struct mbuf *, int);
-static int      syncache_send_challenge_ack(struct syncache *, struct mbuf *);
+static void     syncache_send_challenge_ack(struct syncache *, struct mbuf *);
 static struct   socket *syncache_socket(struct syncache *, struct socket *,
                    struct mbuf *m);
 static void     syncache_timeout(struct syncache *sc, struct syncache_head 
*sch,
@@ -703,10 +703,7 @@ syncache_chkrst(struct in_conninfo *inc, struct tcphdr 
*th, struct mbuf *m,
                                    "sending challenge ACK\n",
                                    s, __func__,
                                    th->th_seq, sc->sc_irs + 1, sc->sc_wnd);
-                       if (syncache_send_challenge_ack(sc, m) != 0) {
-                               syncache_drop(sc, sch);
-                               TCPSTAT_INC(tcps_sc_dropped);
-                       }
+                       syncache_send_challenge_ack(sc, m);
                }
        } else {
                if ((s = tcp_log_addrs(inc, th, NULL, NULL)))
@@ -2062,22 +2059,16 @@ syncache_respond(struct syncache *sc, const struct mbuf 
*m0, int flags)
        return (error);
 }
 
-static int
+static void
 syncache_send_challenge_ack(struct syncache *sc, struct mbuf *m)
 {
-       int error;
-
        if (tcp_challenge_ack_check(&sc->sc_challenge_ack_end,
            &sc->sc_challenge_ack_cnt)) {
-               error = syncache_respond(sc, m, TH_ACK);
-               if (error == 0) {
+               if (syncache_respond(sc, m, TH_ACK) == 0) {
                        TCPSTAT_INC(tcps_sndacks);
                        TCPSTAT_INC(tcps_sndtotal);
                }
-       } else {
-               error = 0;
        }
-       return (error);
 }
 
 /*

Reply via email to