• Jon Paul Maloy's avatar
    tipc: improve sequence number checking · 81204c49
    Jon Paul Maloy authored
    The sequence number of an incoming packet is currently only checked
    for less than, equality to, or bigger than the next expected number,
    meaning that the receive window in practice becomes one half sequence
    number cycle, or U16_MAX/2. This does not make sense, and may not even
    be safe if there are extreme delays in the network. Any packet sent by
    the peer during the ongoing cycle must belong inside his current send
    window, or should otherwise be dropped if possible.
    
    Since a link endpoint cannot know its peer's current send window, it
    has to base this sanity check on a worst-case assumption, i.e., that
    the peer is using a maximum sized window of 8191 packets. Using this
    assumption, we now add a check that the sequence number is not bigger
    than next_expected + TIPC_MAX_LINK_WIN. We also re-order the checks
    done, so that the receive window test is performed before the gap test.
    This way, we are guaranteed that no packet with illegal sequence numbers
    are ever added to the deferred queue.
    Signed-off-by: default avatarJon Maloy <jon.maloy@ericsson.com>
    Acked-by: default avatarYing Xue <ying.xue@windriver.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    81204c49
link.h 9.23 KB