svn commit: r194463 - stable/6/sys/netinet

Thu, 18 Jun 2009 14:24:51 -0700 

Author: jhb
Date: Thu Jun 18 21:24:23 2009
New Revision: 194463
URL: http://svn.freebsd.org/changeset/base/194463

Log:
  MFC: Fix overflow edge cases with comparing ticks to t_rcvtime including
  fixing the TCP keepalive timer to work properly when ticks overflows from
  INT_MAX to INT_MIN.  Note that to preserve the ABI this change just
  downcasts t_rcvtime to an int when it is subtracted from ticks rather than
  changing the type of t_rcvtime.

Modified:
  stable/6/sys/netinet/tcp_output.c
  stable/6/sys/netinet/tcp_timer.c

Modified: stable/6/sys/netinet/tcp_output.c
==============================================================================
--- stable/6/sys/netinet/tcp_output.c   Thu Jun 18 21:17:04 2009        
(r194462)
+++ stable/6/sys/netinet/tcp_output.c   Thu Jun 18 21:24:23 2009        
(r194463)
@@ -145,7 +145,7 @@ tcp_output(struct tcpcb *tp)
         * to send, then transmit; otherwise, investigate further.
         */
        idle = (tp->t_flags & TF_LASTIDLE) || (tp->snd_max == tp->snd_una);
-       if (idle && (ticks - tp->t_rcvtime) >= tp->t_rxtcur) {
+       if (idle && (ticks - (int)tp->t_rcvtime) >= tp->t_rxtcur) {
                /*
                 * We have been idle for "a while" and no acks are
                 * expected to clock out any data we send --

Modified: stable/6/sys/netinet/tcp_timer.c
==============================================================================
--- stable/6/sys/netinet/tcp_timer.c    Thu Jun 18 21:17:04 2009        
(r194462)
+++ stable/6/sys/netinet/tcp_timer.c    Thu Jun 18 21:24:23 2009        
(r194463)
@@ -188,7 +188,7 @@ tcp_timer_2msl(xtp)
         * control block.  Otherwise, check again in a bit.
         */
        if (tp->t_state != TCPS_TIME_WAIT &&
-           (ticks - tp->t_rcvtime) <= tcp_maxidle)
+           (ticks - (int)tp->t_rcvtime) <= tcp_maxidle)
                callout_reset(tp->tt_2msl, tcp_keepintvl,
                              tcp_timer_2msl, tp);
        else
@@ -291,7 +291,7 @@ tcp_timer_keep(xtp)
                goto dropit;
        if ((always_keepalive || inp->inp_socket->so_options & SO_KEEPALIVE) &&
            tp->t_state <= TCPS_CLOSING) {
-               if ((ticks - tp->t_rcvtime) >= tcp_keepidle + tcp_maxidle)
+               if ((ticks - (int)tp->t_rcvtime) >= tcp_keepidle + tcp_maxidle)
                        goto dropit;
                /*
                 * Send a packet designed to force a response
@@ -377,8 +377,8 @@ tcp_timer_persist(xtp)
         * backoff that we would use if retransmitting.
         */
        if (tp->t_rxtshift == TCP_MAXRXTSHIFT &&
-           ((ticks - tp->t_rcvtime) >= tcp_maxpersistidle ||
-            (ticks - tp->t_rcvtime) >= TCP_REXMTVAL(tp) * tcp_totbackoff)) {
+           ((ticks - (int)tp->t_rcvtime) >= tcp_maxpersistidle ||
+            (ticks - (int)tp->t_rcvtime) >= TCP_REXMTVAL(tp) * 
tcp_totbackoff)) {
                tcpstat.tcps_persistdrop++;
                tp = tcp_drop(tp, ETIMEDOUT);
                goto out;
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "[email protected]"

Reply via email to