From 1072b5b564623d8efca5230c952eed8124c498b9 Mon Sep 17 00:00:00 2001
From: Zhe Weng <wengzhe@xiaomi.com>
Date: Mon, 3 Jul 2023 18:16:13 +0800
Subject: [PATCH] net: Limit max value for Send/Recv bufsize

There're some apps trying to set too large SO_SNDBUF and SO_RCVBUF, which may use all IOBs in one socket and block all other network traffic.

Note:
Linux silently limits SO_SNDBUF to be less than `sysctl_wmem_max`, so we can also do this limit without returning any error.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
---
 net/Kconfig            | 20 ++++++++++++++++++--
 net/inet/inet_sockif.c |  8 ++++++++
 2 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/net/Kconfig b/net/Kconfig
index c5d1d40d77..82ac9eb7a6 100644
--- a/net/Kconfig
+++ b/net/Kconfig
@@ -128,18 +128,34 @@ config NET_LL_GUARDSIZE
 		to L3 network layer protocol transparent transmission and forwarding
 
 config NET_RECV_BUFSIZE
-	int "Net Receive buffer size"
+	int "Net Default Receive buffer size"
 	default 0
 	---help---
 		This is the default value for receive buffer size.
 
+config NET_MAX_RECV_BUFSIZE
+	int "Net Max Receive buffer size"
+	depends on NET_RECV_BUFSIZE > 0
+	default 0
+	---help---
+		Limit the max value for receive buffer size to avoid overconsumption.
+		Zero means no limit.
+
 config NET_SEND_BUFSIZE
-	int "Net Send buffer size"
+	int "Net Default Send buffer size"
 	depends on NET_TCP_WRITE_BUFFERS || NET_UDP_WRITE_BUFFERS
 	default 0
 	---help---
 		This is the default value for send buffer size.
 
+config NET_MAX_SEND_BUFSIZE
+	int "Net Max Send buffer size"
+	depends on NET_SEND_BUFSIZE > 0
+	default 0
+	---help---
+		Limit the max value for send buffer size to avoid overconsumption.
+		Zero means no limit.
+
 endmenu # Driver buffer configuration
 
 menu "Link layer support"
diff --git a/net/inet/inet_sockif.c b/net/inet/inet_sockif.c
index 46c612e706..4026245405 100644
--- a/net/inet/inet_sockif.c
+++ b/net/inet/inet_sockif.c
@@ -929,6 +929,10 @@ static int inet_set_socketlevel_option(FAR struct socket *psock, int option,
               return -EINVAL;
             }
 
+#if CONFIG_NET_MAX_RECV_BUFSIZE > 0
+          buffersize = MIN(buffersize, CONFIG_NET_MAX_RECV_BUFSIZE);
+#endif
+
           net_lock();
 
 #ifdef NET_TCP_HAVE_STACK
@@ -986,6 +990,10 @@ static int inet_set_socketlevel_option(FAR struct socket *psock, int option,
               return -EINVAL;
             }
 
+#if CONFIG_NET_MAX_SEND_BUFSIZE > 0
+          buffersize = MIN(buffersize, CONFIG_NET_MAX_SEND_BUFSIZE);
+#endif
+
           net_lock();
 
 #ifdef NET_TCP_HAVE_STACK