tcp: rstreason: fully support in tcp_check_req()

We're going to send an RST due to invalid syn packet which is already checked whether 1) it is in sequence, 2) it is a retransmitted skb. As RFC 793 says, if the state of socket is not CLOSED/LISTEN/SYN-SENT, then we should send an RST when receiving bad syn packet: "fourth, check the SYN bit,...If the SYN is in the window it is an error, send a reset" Signed-off-by: Jason Xing <kernelxing@tencent.com> Link: https://lore.kernel.org/r/20240510122502.27850-6-kerneljasonxing@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
author: Jason Xing <kernelxing@tencent.com> 2024-05-10 20:25:02 +0800
committer: Jakub Kicinski <kuba@kernel.org> 2024-05-13 17:33:57 -0700
commit: 11f46ea9814d2f0a3c7a5bc749d7619e47251f75 (patch)
tree: 8373b47f89ab0ff45b96e50fa17f4db5e078aaf0 /net/ipv4
parent: 22a32557758a7100e46dfa8f383a401125e60b16 (diff)
download: lwn-11f46ea9814d2f0a3c7a5bc749d7619e47251f75.tar.gz
lwn-11f46ea9814d2f0a3c7a5bc749d7619e47251f75.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c
index 7d543569a180..b93619b2384b 100644
--- a/net/ipv4/tcp_minisocks.c
+++ b/net/ipv4/tcp_minisocks.c
@@ -879,7 +879,7 @@ embryonic_reset:
 		 * avoid becoming vulnerable to outside attack aiming at
 		 * resetting legit local connections.
 		 */
-		req->rsk_ops->send_reset(sk, skb, SK_RST_REASON_NOT_SPECIFIED);
+		req->rsk_ops->send_reset(sk, skb, SK_RST_REASON_INVALID_SYN);
 	} else if (fastopen) { /* received a valid RST pkt */
 		reqsk_fastopen_remove(sk, req, true);
 		tcp_reset(sk, skb);
author	Jason Xing <kernelxing@tencent.com>	2024-05-10 20:25:02 +0800
committer	Jakub Kicinski <kuba@kernel.org>	2024-05-13 17:33:57 -0700
commit	11f46ea9814d2f0a3c7a5bc749d7619e47251f75 (patch)
tree	8373b47f89ab0ff45b96e50fa17f4db5e078aaf0 /net/ipv4
parent	22a32557758a7100e46dfa8f383a401125e60b16 (diff)
download	lwn-11f46ea9814d2f0a3c7a5bc749d7619e47251f75.tar.gz lwn-11f46ea9814d2f0a3c7a5bc749d7619e47251f75.zip