mirror of
				git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
				synced 2025-09-04 20:19:47 +08:00 
			
		
		
		
	 7a6498ebcd
			
		
	
	
		7a6498ebcd
		
	
	
	
	
		
			
			Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.
Deterministic algorithm:
For each file:
  If not .svg:
    For each line:
      If doesn't contain `\bxmlns\b`:
        For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
          If both the HTTP and HTTPS versions
          return 200 OK and serve the same content:
            Replace HTTP with HTTPS.
Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
		
	
			
		
			
				
	
	
		
			187 lines
		
	
	
		
			4.9 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			187 lines
		
	
	
		
			4.9 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| // SPDX-License-Identifier: GPL-2.0-only
 | |
| /*
 | |
|  * Sally Floyd's High Speed TCP (RFC 3649) congestion control
 | |
|  *
 | |
|  * See https://www.icir.org/floyd/hstcp.html
 | |
|  *
 | |
|  * John Heffner <jheffner@psc.edu>
 | |
|  */
 | |
| 
 | |
| #include <linux/module.h>
 | |
| #include <net/tcp.h>
 | |
| 
 | |
| /* From AIMD tables from RFC 3649 appendix B,
 | |
|  * with fixed-point MD scaled <<8.
 | |
|  */
 | |
| static const struct hstcp_aimd_val {
 | |
| 	unsigned int cwnd;
 | |
| 	unsigned int md;
 | |
| } hstcp_aimd_vals[] = {
 | |
| 	{     38,  128, /*  0.50 */ },
 | |
| 	{    118,  112, /*  0.44 */ },
 | |
| 	{    221,  104, /*  0.41 */ },
 | |
| 	{    347,   98, /*  0.38 */ },
 | |
| 	{    495,   93, /*  0.37 */ },
 | |
| 	{    663,   89, /*  0.35 */ },
 | |
| 	{    851,   86, /*  0.34 */ },
 | |
| 	{   1058,   83, /*  0.33 */ },
 | |
| 	{   1284,   81, /*  0.32 */ },
 | |
| 	{   1529,   78, /*  0.31 */ },
 | |
| 	{   1793,   76, /*  0.30 */ },
 | |
| 	{   2076,   74, /*  0.29 */ },
 | |
| 	{   2378,   72, /*  0.28 */ },
 | |
| 	{   2699,   71, /*  0.28 */ },
 | |
| 	{   3039,   69, /*  0.27 */ },
 | |
| 	{   3399,   68, /*  0.27 */ },
 | |
| 	{   3778,   66, /*  0.26 */ },
 | |
| 	{   4177,   65, /*  0.26 */ },
 | |
| 	{   4596,   64, /*  0.25 */ },
 | |
| 	{   5036,   62, /*  0.25 */ },
 | |
| 	{   5497,   61, /*  0.24 */ },
 | |
| 	{   5979,   60, /*  0.24 */ },
 | |
| 	{   6483,   59, /*  0.23 */ },
 | |
| 	{   7009,   58, /*  0.23 */ },
 | |
| 	{   7558,   57, /*  0.22 */ },
 | |
| 	{   8130,   56, /*  0.22 */ },
 | |
| 	{   8726,   55, /*  0.22 */ },
 | |
| 	{   9346,   54, /*  0.21 */ },
 | |
| 	{   9991,   53, /*  0.21 */ },
 | |
| 	{  10661,   52, /*  0.21 */ },
 | |
| 	{  11358,   52, /*  0.20 */ },
 | |
| 	{  12082,   51, /*  0.20 */ },
 | |
| 	{  12834,   50, /*  0.20 */ },
 | |
| 	{  13614,   49, /*  0.19 */ },
 | |
| 	{  14424,   48, /*  0.19 */ },
 | |
| 	{  15265,   48, /*  0.19 */ },
 | |
| 	{  16137,   47, /*  0.19 */ },
 | |
| 	{  17042,   46, /*  0.18 */ },
 | |
| 	{  17981,   45, /*  0.18 */ },
 | |
| 	{  18955,   45, /*  0.18 */ },
 | |
| 	{  19965,   44, /*  0.17 */ },
 | |
| 	{  21013,   43, /*  0.17 */ },
 | |
| 	{  22101,   43, /*  0.17 */ },
 | |
| 	{  23230,   42, /*  0.17 */ },
 | |
| 	{  24402,   41, /*  0.16 */ },
 | |
| 	{  25618,   41, /*  0.16 */ },
 | |
| 	{  26881,   40, /*  0.16 */ },
 | |
| 	{  28193,   39, /*  0.16 */ },
 | |
| 	{  29557,   39, /*  0.15 */ },
 | |
| 	{  30975,   38, /*  0.15 */ },
 | |
| 	{  32450,   38, /*  0.15 */ },
 | |
| 	{  33986,   37, /*  0.15 */ },
 | |
| 	{  35586,   36, /*  0.14 */ },
 | |
| 	{  37253,   36, /*  0.14 */ },
 | |
| 	{  38992,   35, /*  0.14 */ },
 | |
| 	{  40808,   35, /*  0.14 */ },
 | |
| 	{  42707,   34, /*  0.13 */ },
 | |
| 	{  44694,   33, /*  0.13 */ },
 | |
| 	{  46776,   33, /*  0.13 */ },
 | |
| 	{  48961,   32, /*  0.13 */ },
 | |
| 	{  51258,   32, /*  0.13 */ },
 | |
| 	{  53677,   31, /*  0.12 */ },
 | |
| 	{  56230,   30, /*  0.12 */ },
 | |
| 	{  58932,   30, /*  0.12 */ },
 | |
| 	{  61799,   29, /*  0.12 */ },
 | |
| 	{  64851,   28, /*  0.11 */ },
 | |
| 	{  68113,   28, /*  0.11 */ },
 | |
| 	{  71617,   27, /*  0.11 */ },
 | |
| 	{  75401,   26, /*  0.10 */ },
 | |
| 	{  79517,   26, /*  0.10 */ },
 | |
| 	{  84035,   25, /*  0.10 */ },
 | |
| 	{  89053,   24, /*  0.10 */ },
 | |
| };
 | |
| 
 | |
| #define HSTCP_AIMD_MAX	ARRAY_SIZE(hstcp_aimd_vals)
 | |
| 
 | |
| struct hstcp {
 | |
| 	u32	ai;
 | |
| };
 | |
| 
 | |
| static void hstcp_init(struct sock *sk)
 | |
| {
 | |
| 	struct tcp_sock *tp = tcp_sk(sk);
 | |
| 	struct hstcp *ca = inet_csk_ca(sk);
 | |
| 
 | |
| 	ca->ai = 0;
 | |
| 
 | |
| 	/* Ensure the MD arithmetic works.  This is somewhat pedantic,
 | |
| 	 * since I don't think we will see a cwnd this large. :) */
 | |
| 	tp->snd_cwnd_clamp = min_t(u32, tp->snd_cwnd_clamp, 0xffffffff/128);
 | |
| }
 | |
| 
 | |
| static void hstcp_cong_avoid(struct sock *sk, u32 ack, u32 acked)
 | |
| {
 | |
| 	struct tcp_sock *tp = tcp_sk(sk);
 | |
| 	struct hstcp *ca = inet_csk_ca(sk);
 | |
| 
 | |
| 	if (!tcp_is_cwnd_limited(sk))
 | |
| 		return;
 | |
| 
 | |
| 	if (tcp_in_slow_start(tp))
 | |
| 		tcp_slow_start(tp, acked);
 | |
| 	else {
 | |
| 		/* Update AIMD parameters.
 | |
| 		 *
 | |
| 		 * We want to guarantee that:
 | |
| 		 *     hstcp_aimd_vals[ca->ai-1].cwnd <
 | |
| 		 *     snd_cwnd <=
 | |
| 		 *     hstcp_aimd_vals[ca->ai].cwnd
 | |
| 		 */
 | |
| 		if (tp->snd_cwnd > hstcp_aimd_vals[ca->ai].cwnd) {
 | |
| 			while (tp->snd_cwnd > hstcp_aimd_vals[ca->ai].cwnd &&
 | |
| 			       ca->ai < HSTCP_AIMD_MAX - 1)
 | |
| 				ca->ai++;
 | |
| 		} else if (ca->ai && tp->snd_cwnd <= hstcp_aimd_vals[ca->ai-1].cwnd) {
 | |
| 			while (ca->ai && tp->snd_cwnd <= hstcp_aimd_vals[ca->ai-1].cwnd)
 | |
| 				ca->ai--;
 | |
| 		}
 | |
| 
 | |
| 		/* Do additive increase */
 | |
| 		if (tp->snd_cwnd < tp->snd_cwnd_clamp) {
 | |
| 			/* cwnd = cwnd + a(w) / cwnd */
 | |
| 			tp->snd_cwnd_cnt += ca->ai + 1;
 | |
| 			if (tp->snd_cwnd_cnt >= tp->snd_cwnd) {
 | |
| 				tp->snd_cwnd_cnt -= tp->snd_cwnd;
 | |
| 				tp->snd_cwnd++;
 | |
| 			}
 | |
| 		}
 | |
| 	}
 | |
| }
 | |
| 
 | |
| static u32 hstcp_ssthresh(struct sock *sk)
 | |
| {
 | |
| 	const struct tcp_sock *tp = tcp_sk(sk);
 | |
| 	struct hstcp *ca = inet_csk_ca(sk);
 | |
| 
 | |
| 	/* Do multiplicative decrease */
 | |
| 	return max(tp->snd_cwnd - ((tp->snd_cwnd * hstcp_aimd_vals[ca->ai].md) >> 8), 2U);
 | |
| }
 | |
| 
 | |
| static struct tcp_congestion_ops tcp_highspeed __read_mostly = {
 | |
| 	.init		= hstcp_init,
 | |
| 	.ssthresh	= hstcp_ssthresh,
 | |
| 	.undo_cwnd	= tcp_reno_undo_cwnd,
 | |
| 	.cong_avoid	= hstcp_cong_avoid,
 | |
| 
 | |
| 	.owner		= THIS_MODULE,
 | |
| 	.name		= "highspeed"
 | |
| };
 | |
| 
 | |
| static int __init hstcp_register(void)
 | |
| {
 | |
| 	BUILD_BUG_ON(sizeof(struct hstcp) > ICSK_CA_PRIV_SIZE);
 | |
| 	return tcp_register_congestion_control(&tcp_highspeed);
 | |
| }
 | |
| 
 | |
| static void __exit hstcp_unregister(void)
 | |
| {
 | |
| 	tcp_unregister_congestion_control(&tcp_highspeed);
 | |
| }
 | |
| 
 | |
| module_init(hstcp_register);
 | |
| module_exit(hstcp_unregister);
 | |
| 
 | |
| MODULE_AUTHOR("John Heffner");
 | |
| MODULE_LICENSE("GPL");
 | |
| MODULE_DESCRIPTION("High Speed TCP");
 |