NetworkPkg: Add wnd scale check before shrinking window.

Moving Right window edge to the left on sender side without additional check can lead to the TCP deadlock, when receiver ACKs proper segment, while sender discards it for future ACK. To prevent this add check if usable window (or shrink amount in this case) is bigger then receiver's window scale factor. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Andrey Tepin <atepin@kraftway.ru> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2017-05-03 14:20:56 +08:00 · 2017-05-03 14:20:56 +08:00 · 2d5afbdad1
parent 3654c4623c
commit 2d5afbdad1
1 changed files with 23 additions and 4 deletions
--- a/NetworkPkg/TcpDxe/TcpInput.c
+++ b/NetworkPkg/TcpDxe/TcpInput.c
@ -1,7 +1,7 @@
 /** @file
  TCP input process routines.

-  Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>

  This program and the accompanying materials
  are licensed and made available under the terms and conditions of the BSD License
@ -738,6 +738,7 @@ TcpInput (
  TCP_SEQNO   Right;
  TCP_SEQNO   Urg;
  UINT16      Checksum;
+  INT32       Usable;

  ASSERT ((Version == IP_VERSION_4) || (Version == IP_VERSION_6));

@ -1306,9 +1307,27 @@ TcpInput (
      }

      if (TCP_SEQ_LT (Right, Tcb->SndNxt)) {
-
-        Tcb->SndNxt = Right;
-
+        //
+        // Check for Window Retraction in RFC7923 section 2.4.
+        // The lower n bits of the peer's actual receive window is wiped out if TCP
+        // window scale is enabled, it will look like the peer is shrinking the window.
+        // Check whether the SndNxt is out of the advertised receive window by more than
+        // 2^Rcv.Wind.Shift before moving the SndNxt to the left.
+        //
+        DEBUG (
+          (EFI_D_WARN,
+          "TcpInput: peer advise negative useable window for connected TCB %p\n",
+          Tcb)
+          );
+        Usable = TCP_SUB_SEQ (Tcb->SndNxt, Right);
+        if ((Usable >> Tcb->SndWndScale) > 0) {
+          DEBUG (
+            (EFI_D_WARN,
+            "TcpInput: SndNxt is out of window by more than window scale for TCB %p\n",
+            Tcb)
+            );
+          Tcb->SndNxt = Right;
+        }
        if (Right == Tcb->SndUna) {

          TcpClearTimer (Tcb, TCP_TIMER_REXMIT);