git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	xin.guo <guoxin0309@gmail.com>
	Thu, 26 Jun 2025 12:34:19 +0000 (12:34 +0000)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 15 Aug 2025 10:04:57 +0000 (12:04 +0200)
commit	4157321b0acfebdb65a3d4a8fd19fc9c5eb9ea1d
tree	f85e581da2be717114d9f638129f8afac9c0599e	tree \| snapshot
parent	916ac18d526a26f6072866b1a97622cf1351ef1c	commit \| diff

tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range

[ Upstream commit a041f70e573e185d5d5fdbba53f0db2fbe7257ad ]

If the new coming segment covers more than one skbs in the ofo queue,
and which seq is equal to rcv_nxt, then the sequence range
that is duplicated will be sent as DUP SACK, the detail as below,
in step6, the {501,2001} range is clearly including too much
DUP SACK range, in violation of RFC 2883 rules.

1. client > server: Flags [.], seq 501:1001, ack 1325288529, win 20000, length 500
2. server > client: Flags [.], ack 1, [nop,nop,sack 1 {501:1001}], length 0
3. client > server: Flags [.], seq 1501:2001, ack 1325288529, win 20000, length 500
4. server > client: Flags [.], ack 1, [nop,nop,sack 2 {1501:2001} {501:1001}], length 0
5. client > server: Flags [.], seq 1:2001, ack 1325288529, win 20000, length 2000
6. server > client: Flags [.], ack 2001, [nop,nop,sack 1 {501:2001}], length 0

After this fix, the final ACK is as below:

6. server > client: Flags [.], ack 2001, options [nop,nop,sack 1 {501:1001}], length 0

[edumazet] added a new packetdrill test in the following patch.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: xin.guo <guoxin0309@gmail.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Link: https://patch.msgid.link/20250626123420.1933835-2-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>