diff options
| -rw-r--r-- | sys/netinet/tcp_input.c | 11 | ||||
| -rw-r--r-- | sys/netinet/tcp_usrreq.c | 19 | ||||
| -rw-r--r-- | sys/netinet/tcp_var.h | 23 |
3 files changed, 40 insertions, 13 deletions
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 0e72174b56f..855a07ae017 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_input.c,v 1.316 2016/03/27 19:19:01 bluhm Exp $ */ +/* $OpenBSD: tcp_input.c,v 1.317 2016/03/29 18:13:20 bluhm Exp $ */ /* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */ /* @@ -3255,19 +3255,12 @@ tcp_mss_adv(struct mbuf *m, int af) */ /* syn hash parameters */ -#define TCP_SYN_HASH_SIZE 293 -#define TCP_SYN_BUCKET_SIZE 35 int tcp_syn_cache_size = TCP_SYN_HASH_SIZE; int tcp_syn_cache_limit = TCP_SYN_HASH_SIZE*TCP_SYN_BUCKET_SIZE; int tcp_syn_bucket_limit = 3*TCP_SYN_BUCKET_SIZE; int tcp_syn_use_limit = 100000; -struct syn_cache_set { - struct syn_cache_head scs_buckethead[TCP_SYN_HASH_SIZE]; - int scs_count; - int scs_use; - u_int32_t scs_random[5]; -} tcp_syn_cache[2]; +struct syn_cache_set tcp_syn_cache[2]; int tcp_syn_cache_active; #define SYN_HASH(sa, sp, dp, rand) \ diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index 0ece5e179a4..1cb805eb715 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_usrreq.c,v 1.129 2016/03/23 15:50:36 vgross Exp $ */ +/* $OpenBSD: tcp_usrreq.c,v 1.130 2016/03/29 18:13:20 bluhm Exp $ */ /* $NetBSD: tcp_usrreq.c,v 1.20 1996/02/13 23:44:16 christos Exp $ */ /* @@ -933,6 +933,23 @@ tcp_sysctl(name, namelen, oldp, oldlenp, newp, newlen) return (sysctl_struct(oldp, oldlenp, newp, newlen, &tcpstat, sizeof(tcpstat))); + case TCPCTL_SYN_USE_LIMIT: + error = sysctl_int(oldp, oldlenp, newp, newlen, + &tcp_syn_use_limit); + if (error) + return (error); + if (newp != NULL) { + /* + * Global tcp_syn_use_limit is used when reseeding a + * new cache. Also update the value in active cache. + */ + if (tcp_syn_cache[0].scs_use > tcp_syn_use_limit) + tcp_syn_cache[0].scs_use = tcp_syn_use_limit; + if (tcp_syn_cache[1].scs_use > tcp_syn_use_limit) + tcp_syn_cache[1].scs_use = tcp_syn_use_limit; + } + return (0); + default: if (name[0] < TCPCTL_MAXID) return (sysctl_int_arr(tcpctl_vars, name, namelen, diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h index 65742dc8980..b99ba8a5cde 100644 --- a/sys/netinet/tcp_var.h +++ b/sys/netinet/tcp_var.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_var.h,v 1.111 2016/03/27 19:19:01 bluhm Exp $ */ +/* $OpenBSD: tcp_var.h,v 1.112 2016/03/29 18:13:20 bluhm Exp $ */ /* $NetBSD: tcp_var.h,v 1.17 1996/02/13 23:44:24 christos Exp $ */ /* @@ -251,6 +251,10 @@ struct tcp_opt_info { /* * Data for the TCP compressed state engine. */ + +#define TCP_SYN_HASH_SIZE 293 +#define TCP_SYN_BUCKET_SIZE 35 + union syn_cache_sa { struct sockaddr sa; struct sockaddr_in sin; @@ -311,6 +315,13 @@ struct syn_cache_head { u_short sch_length; /* # entries in bucket */ }; +struct syn_cache_set { + struct syn_cache_head scs_buckethead[TCP_SYN_HASH_SIZE]; + int scs_count; + int scs_use; + u_int32_t scs_random[5]; +}; + #endif /* _KERNEL */ /* @@ -478,7 +489,8 @@ struct tcpstat { #define TCPCTL_SACKHOLE_LIMIT 20 /* max entries for tcp sack queues */ #define TCPCTL_STATS 21 /* TCP statistics */ #define TCPCTL_ALWAYS_KEEPALIVE 22 /* assume SO_KEEPALIVE is always set */ -#define TCPCTL_MAXID 23 +#define TCPCTL_SYN_USE_LIMIT 23 /* number of uses before reseeding hash */ +#define TCPCTL_MAXID 24 #define TCPCTL_NAMES { \ { 0, 0 }, \ @@ -503,7 +515,8 @@ struct tcpstat { { "drop", CTLTYPE_STRUCT }, \ { "sackholelimit", CTLTYPE_INT }, \ { "stats", CTLTYPE_STRUCT }, \ - { "always_keepalive", CTLTYPE_INT } \ + { "always_keepalive", CTLTYPE_INT }, \ + { "synuselimit", CTLTYPE_INT }, \ } #define TCPCTL_VARS { \ @@ -528,6 +541,8 @@ struct tcpstat { NULL, \ NULL, \ NULL, \ + NULL, \ + NULL, \ NULL \ } @@ -559,6 +574,8 @@ extern int tcp_reass_limit; /* max entries for tcp reass queues */ extern int tcp_syn_cache_limit; /* max entries for compressed state engine */ extern int tcp_syn_bucket_limit;/* max entries per hash bucket */ +extern int tcp_syn_use_limit; /* number of uses before reseeding hash */ +extern struct syn_cache_set tcp_syn_cache[]; int tcp_attach(struct socket *); void tcp_canceltimers(struct tcpcb *); |