syncookies: remove last_synq_overflow from struct tcp_sock

[linux-2.6-microblaze.git] / net / ipv4 / syncookies.c

diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
index d346c22..cd2b97f 100644 (file)
--- a/net/ipv4/syncookies.c
+++ b/net/ipv4/syncookies.c
@@ -161,13 +161,12 @@ static __u16 const msstab[] = {
  */
 __u32 cookie_v4_init_sequence(struct sock *sk, struct sk_buff *skb, __u16 *mssp)
 {
-       struct tcp_sock *tp = tcp_sk(sk);
        const struct iphdr *iph = ip_hdr(skb);
        const struct tcphdr *th = tcp_hdr(skb);
        int mssind;
        const __u16 mss = *mssp;
 
-       tp->last_synq_overflow = jiffies;
+       tcp_synq_overflow(sk);
 
        /* XXX sort msstab[] by probability?  Binary search? */
        for (mssind = 0; mss > msstab[mssind + 1]; mssind++)
@@ -268,7 +267,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
        if (!sysctl_tcp_syncookies || !th->ack)
                goto out;
 
-       if (time_after(jiffies, tp->last_synq_overflow + TCP_TIMEOUT_INIT) ||
+       if (tcp_synq_no_recent_overflow(sk) ||
            (mss = cookie_check(skb, cookie)) == 0) {
                NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_SYNCOOKIESFAILED);
                goto out;
@@ -288,10 +287,6 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
        if (!req)
                goto out;
 
-       if (security_inet_conn_request(sk, skb, req)) {
-               reqsk_free(req);
-               goto out;
-       }
        ireq = inet_rsk(req);
        treq = tcp_rsk(req);
        treq->rcv_isn           = ntohl(th->seq) - 1;
@@ -322,6 +317,11 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
                }
        }
 
+       if (security_inet_conn_request(sk, skb, req)) {
+               reqsk_free(req);
+               goto out;
+       }
+
        req->expires    = 0UL;
        req->retrans    = 0;