xdp-synproxy: bpf_loop with number of tcp options

the XDP synproxy program from kernel selftest
seems aiming to test the correctness of BPF infrastructure.
not necessarily aiming for production code efficiency,
and production performance. bpf_loop is hard coded with loop
count 6, this may result in tcp options not parsing correctly
in real production traffic and potentially cause traffic latency
with small packet being sent over the wire.

see #7

Reported-by: "DNSPROXY.ORG LLC <[email protected]>"
Signed-off-by: Vincent Li <[email protected]>

xdp-synproxy/xdp_synproxy.bpf.c

@@ -60,6 +60,7 @@
 #define DEFAULT_WSCALE 7
 #define DEFAULT_TTL 64
 #define MAX_ALLOWED_PORTS 8
+#define MAX_WINDOW_SIZE 65535
 
 #define MAX_PACKET_OFF 0xffff
 
@@ -265,11 +266,8 @@ static int tscookie_tcpopt_parse(struct tcpopt_context *ctx)
 
 static int tscookie_tcpopt_parse_batch(__u32 index, void *context)
 {
-	int i;
-
-	for (i = 0; i < 7; i++)
-		if (tscookie_tcpopt_parse(context))
-			return 1;
+	if (tscookie_tcpopt_parse(context))
+		return 1;
 	return 0;
 }
 
@@ -293,7 +291,9 @@ static __always_inline bool tscookie_init(struct tcphdr *tcp_header,
 	};
 	u32 cookie;
 
-	bpf_loop(6, tscookie_tcpopt_parse_batch, &loop_ctx, 0);
+	/* limit bpf_loop with number of tcp options */
+	u32 tcp_opts = tcp_len > 20 ? ( (tcp_len - 20) / 4 ) : 0;
+	bpf_loop(tcp_opts, tscookie_tcpopt_parse_batch, &loop_ctx, 0);
 
 	if (!loop_ctx.option_timestamp)
 		return false;
@@ -524,7 +524,7 @@ static __always_inline void tcp_gen_synack(struct tcphdr *tcp_header,
 	swap(tcp_header->source, tcp_header->dest);
 	tcp_header->ack_seq = bpf_htonl(bpf_ntohl(tcp_header->seq) + 1);
 	tcp_header->seq = bpf_htonl(cookie);
-	tcp_header->window = 0;
+	tcp_header->window = bpf_htons(MAX_WINDOW_SIZE); /* set window size to max window size */
 	tcp_header->urg_ptr = 0;
 	tcp_header->check = 0; /* Calculate checksum later. */