[Cake] CAKE upstreaming - testers wanted, ACK filtering rescuers needed

Ryan Mounce ryan at mounce.com.au
Thu Apr 26 02:54:22 EDT 2018

> On 26 Apr 2018, at 16:09, Toke Høiland-Jørgensen <toke at toke.dk> wrote:
> Ryan Mounce <ryan at mounce.com.au> writes:
>> I'll investigate making the ACK filtering code safe, it is my mess after all :)
>> Eric obviously understands this stuff a lot better than me, it looks
>> like there are two issues?
>> - Lack of minimum length check for TCP header, should be fairly
>> straight-forward to fix
>> - The possibility of unsafely filtering part of a split GSO
>> super-packet?
> The issue with the ACK filter in relation to GSO was just that a GSO
> segment can't contain pure ACKs, so there's no reason to check after
> splitting. I've already removed that part, so it's just the length
> issue. I think it's just a matter of finding the length and calling
> pskb_may_pull() (and aborting if that returns false).
> -Toke

Yep I think I’ve got all of that together now and I’ve submitted a PR
against the cobalt branch.

An optimisation to what I’ve submitted would be moving the separate
TCP header length check to only the IPv4 case, and adding
sizeof(tcphdr) to the initial IPv6 header length check. Not that my
ACK filtering code is so efficient to begin with...


More information about the Cake mailing list