From fef160b5ab9ac507d8ab24d4197e535e4f866840 Mon Sep 17 00:00:00 2001
From: Yu Watanabe
Date: Tue, 29 Sep 2020 13:55:14 +0900
Subject: [PATCH 1/2] network: limit InitialCongestionWindow= and InitialAdvertisedReceiveWindow= value
Strivtly speaking, this breaks backward compatibility. But setting too large value into them, then their networking easily breaks. Note that typically 100 for them is event too large. So, ommiting the values equal or higher than 1024, and dropping support of k, M, and G suffixes is OK for normal appropriate use cases. See discussion in #16643.
---
 src/network/networkd-route.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/network/networkd-route.c b/src/network/networkd-route.c
index b82c4e7f79..2610b24c82 100644
--- a/src/network/networkd-route.c
+++ b/src/network/networkd-route.c
@@ -1465,7 +1465,7 @@ int config_parse_tcp_window(
 _cleanup_(route_free_or_set_invalidp) Route *n = NULL;
 Network *network = userdata;
- uint64_t k;
+ uint32_t k;
 int r;
 assert(filename);
@@ -1483,13 +1483,13 @@ int config_parse_tcp_window(
 return 0;
 }
- r = parse_size(rvalue, 1024, &k);
+ r = safe_atou32(rvalue, &k);
 if (r < 0) {
 log_syntax(unit, LOG_WARNING, filename, line, r, "Could not parse TCP %s \"%s\", ignoring assignment: %m", lvalue, rvalue);
 return 0;
 }
- if (k > UINT32_MAX) {
+ if (k >= 1024) {
 log_syntax(unit, LOG_WARNING, filename, line, 0, "Specified TCP %s \"%s\" is too large, ignoring assignment: %m", lvalue, rvalue);
 return 0;
From 3cb7af5baa39e4a873a1e80b452ca6e5dd94d6ae Mon Sep 17 00:00:00 2001
From: Yu Watanabe
Date: Thu, 17 Sep 2020 17:01:36 +0900
Subject: [PATCH 2/2] man: update InitialCongestionWindow= and InitialAdvertisedReceiveWindow=
Fixes #16643.
---
 man/systemd.network.xml | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/man/systemd.network.xml b/man/systemd.network.xml
index 02d56480b5..7cf9f2f6ed 100644
--- a/man/systemd.network.xml
+++ b/man/systemd.network.xml
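Review bot: The new range check `if (k >= 1024)` in the second hunk of src/network/networkd-route.c has no lower bound, so `0` parses cleanly through `safe_atou32()` and passes the visible check, while patch 2/2 documents the accepted range as 1 to 1023. I would reject it in the same branch, `if (k == 0 || k >= 1024) {`, and reword the warning from "is too large" to "is out of range" so it fits both cases. That `log_syntax()` call also passes an error of 0 alongside `%m`, which presumably renders as an unrelated errno string; dropping `: %m` there would keep the log line accurate. The rest of config_parse_tcp_window() lies outside the hunk, so a later zero check cannot be ruled out from here.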
@@ -1389,21 +1389,22 @@ IPv6Token=prefixstable:2002:da8:1::
 InitialCongestionWindow=
- The TCP initial congestion window is used during the start of a TCP connection. During the start of a TCP
- session, when a client requests a resource, the server's initial congestion window determines how many data bytes
- will be sent during the initial burst of data. Takes a size in bytes between 1 and 4294967295 (2^32 - 1). The usual
- suffixes K, M, G are supported and are understood to the base of 1024. When unset, the kernel's default will be used.
-
+ The TCP initial congestion window is used during the start of a TCP connection.
+ During the start of a TCP session, when a client requests a resource, the server's initial
+ congestion window determines how many packets will be sent during the initial burst of data
+ without waiting for acknowledgement. Takes a number between 1 and 1023. Note that 100 is
+ considered an extremely large value for this option. When unset, the kernel's default
+ (typically 10) will be used.
 InitialAdvertisedReceiveWindow=
- The TCP initial advertised receive window is the amount of receive data (in bytes) that can initially be buffered at one time
- on a connection. The sending host can send only that amount of data before waiting for an acknowledgment and window update
- from the receiving host. Takes a size in bytes between 1 and 4294967295 (2^32 - 1). The usual suffixes K, M, G are supported
- and are understood to the base of 1024. When unset, the kernel's default will be used.
-
+ The TCP initial advertised receive window is the amount of receive data (in bytes)
+ that can initially be buffered at one time on a connection. The sending host can send only
+ that amount of data before waiting for an acknowledgment and window update from the
+ receiving host. Takes a number between 1 and 1023. Note that 100 is considered an extremely
+ large value for this option. When unset, the kernel's default will be used.