From: Florin Coras <fcoras@cisco.com>
Date: Tue, 11 Feb 2020 05:31:49 +0000 (+0000)
Subject: tcp: improve invalid packet handling in syn-rcvd
X-Git-Tag: v20.09-rc0~606
X-Git-Url: https://gerrit.fd.io/r/gitweb?p=vpp.git;a=commitdiff_plain;h=4dc10a4d560363147e58953b0301888cc57b15ce

tcp: improve invalid packet handling in syn-rcvd

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie356b4d45d47e30c185caf2e66cdb16f1a97046f
---

diff --git a/src/vnet/session/session.c b/src/vnet/session/session.c
index 0b66cf87c4d..b006cfaf2bb 100644
--- a/src/vnet/session/session.c
+++ b/src/vnet/session/session.c
@@ -1003,7 +1003,14 @@ session_stream_accept_notify (transport_connection_t * tc)
   if (!app_wrk)
     return -1;
   s->session_state = SESSION_STATE_ACCEPTING;
-  return app_worker_accept_notify (app_wrk, s);
+  if (app_worker_accept_notify (app_wrk, s))
+    {
+      /* On transport delete, no notifications should be sent. Unless, the
+       * accept is retried and successful. */
+      s->session_state = SESSION_STATE_CREATED;
+      return -1;
+    }
+  return 0;
 }
 
 /**
diff --git a/src/vnet/tcp/tcp_input.c b/src/vnet/tcp/tcp_input.c
index 164a1b3431f..f907750bccc 100755
--- a/src/vnet/tcp/tcp_input.c
+++ b/src/vnet/tcp/tcp_input.c
@@ -2945,7 +2945,7 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
 	  /* Make sure the segment is exactly right */
 	  if (tc0->rcv_nxt != vnet_buffer (b0)->tcp.seq_number || is_fin0)
 	    {
-	      tcp_rcv_rst (wrk, tc0);
+	      tcp_send_reset_w_pkt (tc0, b0, thread_index, is_ip4);
 	      error0 = TCP_ERROR_SEGMENT_INVALID;
 	      goto drop;
 	    }
@@ -2958,7 +2958,8 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
 	   */
 	  if (tcp_rcv_ack_no_cc (tc0, b0, &error0))
 	    {
-	      tcp_rcv_rst (wrk, tc0);
+	      tcp_send_reset_w_pkt (tc0, b0, thread_index, is_ip4);
+	      error0 = TCP_ERROR_SEGMENT_INVALID;
 	      goto drop;
 	    }
 
@@ -2985,7 +2986,9 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
 	  if (session_stream_accept_notify (&tc0->connection))
 	    {
 	      error0 = TCP_ERROR_MSG_QUEUE_FULL;
-	      tcp_rcv_rst (wrk, tc0);
+	      tcp_send_reset (tc0);
+	      session_transport_delete_notify (&tc0->connection);
+	      tcp_connection_cleanup (tc0);
 	      goto drop;
 	    }
 	  error0 = TCP_ERROR_ACK_OK;