linux-stable/Documentation
Eric Dumazet cd6f35b842 tcp: add tcp_min_snd_mss sysctl
commit 5f3e2bf008 upstream.

Some TCP peers announce a very small MSS option in their SYN and/or
SYN/ACK messages.

This forces the stack to send packets with a very high network/cpu
overhead.

Linux has enforced a minimal value of 48. Since this value includes
the size of TCP options, and that the options can consume up to 40
bytes, this means that each segment can include only 8 bytes of payload.

In some cases, it can be useful to increase the minimal value
to a saner value.

We still let the default to 48 (TCP_MIN_SND_MSS), for compatibility
reasons.

Note that TCP_MAXSEG socket option enforces a minimal value
of (TCP_MIN_MSS). David Miller increased this minimal value
in commit c39508d6f1 ("tcp: Make TCP_MAXSEG minimum more correct.")
from 64 to 88.

We might in the future merge TCP_MIN_SND_MSS and TCP_MIN_MSS.

CVE-2019-11479 -- tcp mss hardcoded to 48

Signed-off-by: Eric Dumazet <edumazet@google.com>
Suggested-by: Jonathan Looney <jtl@netflix.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Tyler Hicks <tyhicks@canonical.com>
Cc: Bruce Curtis <brucec@netflix.com>
Cc: Jonathan Lemon <jonathan.lemon@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-06-17 19:52:44 +02:00
..
ABI Documentation: Add MDS vulnerability documentation 2019-05-14 19:18:45 +02:00
EDID
PCI docs: update old references for DocBook from the documentation 2017-05-16 08:44:19 -03:00
RCU doc: Set down RCU's scheduling-clock-interrupt needs 2017-08-17 07:31:14 -07:00
accounting
acpi This is the bulk of GPIO changes for the v4.13 series: 2017-07-07 12:40:27 -07:00
admin-guide Documentation: Correct the possible MDS sysfs values 2019-05-14 19:18:47 +02:00
aoe
arm ARM: 8833/1: Ensure that NEON code always compiles with Clang 2019-04-05 22:31:34 +02:00
arm64 arm64: Add work around for Arm Cortex-A55 Erratum 1024718 2018-05-16 10:10:25 +02:00
auxdisplay
backlight
blackfin
block doc, block, bfq: better describe how to properly configure bfq 2017-08-31 13:55:26 -06:00
blockdev SCSI misc on 20170907 2017-09-07 21:11:05 -07:00
bus-devices
cdrom
cgroup-v1 mm, vmpressure: pass-through notification support 2017-07-10 16:32:31 -07:00
cma
connector
console
core-api doc: Fix RCU's docbook options 2017-10-19 22:26:11 -04:00
cpu-freq cpufreq: docs: Drop intel-pstate.txt from index.txt 2017-09-28 02:08:43 +02:00
cpuidle
cris
crypto KEYS: Add documentation for asymmetric keyring restrictions 2017-07-14 11:01:38 +10:00
dev-tools kmemcheck: rip it out 2018-02-22 15:42:24 +01:00
device-mapper dm thin: fix documentation relative to low water mark threshold 2018-04-26 11:02:07 +02:00
devicetree dt-bindings: eeprom: at24: add "atmel,24c2048" compatible string 2019-02-20 10:20:44 +01:00
dmaengine Merge branch 'topic/dmatest' into for-linus 2017-09-06 21:55:10 +05:30
doc-guide sphinx.rst: Allow Sphinx version 1.6 at the docs 2017-08-26 15:50:27 -06:00
driver-api USB: core: Fix bug caused by duplicate interface PM usage counter 2019-05-08 07:20:46 +02:00
driver-model driver core: remove DRIVER_ATTR 2017-09-19 09:20:33 +02:00
early-userspace
extcon
fault-injection fault-inject: add /proc/<pid>/fail-nth 2017-07-14 15:05:13 -07:00
fb fbcon: remove restriction on margin color 2017-09-04 16:00:49 +02:00
features docs/features: parisc implements tracehook 2017-08-07 14:18:40 -06:00
filesystems mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps 2019-01-26 09:37:07 +01:00
firmware_class
fmc
fpga
frv
gpio Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2017-09-07 13:39:21 -07:00
gpu Merge tag 'drm-intel-next-2017-08-18' of git://anongit.freedesktop.org/git/drm-intel into drm-next 2017-08-22 10:03:07 +10:00
hid
hwmon hwmon: (ina2xx) fix sysfs shunt resistor read access 2018-10-03 17:00:58 -07:00
i2c i2c: i801: Add support for Intel Cedar Fork 2017-10-05 14:44:56 +02:00
ia64
ide
iio iio: adc: New driver for Cirrus Logic EP93xx ADC 2017-07-25 19:56:23 +01:00
infiniband Documentation: Hardware tag matching 2017-08-29 08:30:21 -04:00
input Documentation:input: fix typo 2017-08-30 15:18:24 -06:00
ioctl scsi: cxlflash: Introduce host ioctl support 2017-06-26 15:01:11 -04:00
isdn
kbuild kbuild: delete INSTALL_FW_PATH from kbuild documentation 2018-07-17 11:39:30 +02:00
kdump kexec/kdump: minor Documentation updates for arm64 and Image 2017-07-12 16:26:00 -07:00
kernel-hacking There has been a fair amount of activity in the docs tree this time 2017-07-03 21:13:25 -07:00
laptops platform/x86: thinkpad_acpi: Fix warning about deprecated hwmon_device_register 2017-08-18 15:57:24 -07:00
leds
lightnvm
livepatch
locking Merge branch 'linus' into locking/core, to fix up conflicts 2017-09-04 11:01:18 +02:00
m68k
md Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md 2017-05-03 10:05:38 -07:00
media media: media colorspaces*.rst: rename AdobeRGB to opRGB 2018-11-13 11:15:12 -08:00
memory-devices
metag
mic
mips
misc-devices Documentation: misc-devices: Add Documentation for pci-endpoint-test driver 2017-04-28 10:23:19 -05:00
mmc MMC core: 2017-05-02 17:34:32 -07:00
mn10300
mtd
namespaces
netlabel
networking tcp: add tcp_min_snd_mss sysctl 2019-06-17 19:52:44 +02:00
nfc
nios2
nvdimm
nvmem NVMEM documentation fix: A minor typo 2017-08-24 13:31:58 -06:00
parisc
pcmcia
perf
phy
platform
power Merge branch 'pm-sleep' 2017-09-04 00:06:02 +02:00
powerpc powerpc updates for 4.13 2017-07-07 13:55:45 -07:00
pps drivers/pps: aesthetic tweaks to PPS-related content 2017-09-08 18:26:51 -07:00
process kbuild: verify that $DEPMOD is installed 2018-08-17 21:01:10 +02:00
pti
ptp
rapidio
s390
scheduler sched/deadline: Add documentation about GRUB reclaiming 2017-06-08 10:31:56 +02:00
scsi
security docs: ReSTify table of contents in core.rst 2017-08-30 15:27:58 -06:00
serial tty: n_gsm: do not send/receive in ldisc close path 2017-06-03 18:48:52 +09:00
sh docs-rst: convert sh book to ReST 2017-05-16 08:44:18 -03:00
sound sound updates for 4.13-rc1 2017-07-06 10:56:51 -07:00
sparc
sphinx doc: Cope with Sphinx logging deprecations 2019-06-09 09:18:17 +02:00
sphinx-static docs RTD theme: code-block with line nos - lines and line numbers don't line up. 2017-07-17 13:48:45 -06:00
spi spi: Document SPI slave controller support 2017-05-26 13:11:00 +01:00
sysctl namei: allow restricted O_CREAT of FIFOs and regular files 2018-12-01 09:42:59 +01:00
target Documentation/target: add an example script to configure an iSCSI target 2017-05-01 22:21:35 -07:00
thermal Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2017-05-12 11:58:45 -07:00
timers rcu: Eliminate NOCBs CPU-state Kconfig options 2017-06-08 18:52:43 -07:00
trace stm class: Document the stm_ftrace 2017-08-25 17:58:34 +03:00
translations kokr/memory-barriers.txt: Apply atomic_t.txt change 2017-09-08 10:10:53 -06:00
usb usb: gadget: add f_uac1 variant based on a new u_audio api 2017-06-19 09:22:47 +03:00
userspace-api x86/speculation: Add prctl() control for indirect branch speculation 2018-12-05 19:41:22 +01:00
virtual KVM: Reject device ioctls from processes other than the VM's creator 2019-04-03 06:25:20 +02:00
vm hmm: heterogeneous memory management documentation 2017-09-08 18:26:45 -07:00
w1
watchdog watchdog: Revert "iTCO_wdt: all versions count down twice" 2017-09-09 17:41:24 +02:00
wimax
x86 x86/speculation/mds: Improve CPU buffer clear documentation 2019-05-21 18:50:13 +02:00
xtensa of: update ePAPR references to point to Devicetree Specification 2017-06-22 11:22:06 -05:00
.gitignore
00-INDEX linux-kselftest-4.13-rc1-update 2017-07-07 14:04:47 -07:00
Changes
CodingStyle
DMA-API-HOWTO.txt DMA-API-HOWTO.txt: standardize document format 2017-07-14 13:51:32 -06:00
DMA-API.txt dma-coherent: remove the DMA_MEMORY_MAP and DMA_MEMORY_IO flags 2017-09-01 11:59:17 +02:00
DMA-ISA-LPC.txt DMA-ISA-LPC.txt: standardize document format 2017-07-14 13:51:33 -06:00
DMA-attributes.txt DMA-attributes.txt: standardize document format 2017-07-14 13:51:33 -06:00
IPMI.txt IPMI.txt: standardize document format 2017-07-14 13:51:40 -06:00
IRQ-affinity.txt IRQ-affinity.txt: standardize document format 2017-07-14 13:51:41 -06:00
IRQ-domain.txt IRQ-domain.txt: standardize document format 2017-07-14 13:51:41 -06:00
IRQ.txt IRQ.txt: add a markup for its title 2017-07-14 13:51:42 -06:00
Intel-IOMMU.txt Intel-IOMMU.txt: standardize document format 2017-07-14 13:51:38 -06:00
Makefile doc: Makefile: if sphinx is not found, run a check script 2017-08-24 13:18:30 -06:00
SAK.txt SAK.txt: standardize document format 2017-07-14 13:58:04 -06:00
SM501.txt SM501.txt: standardize document format 2017-07-14 13:58:06 -06:00
SubmittingPatches
atomic_bitops.txt Documentation/locking/atomic: Add documents for new atomic_t APIs 2017-08-10 12:29:00 +02:00
atomic_t.txt Documentation/locking/atomic: Finish the document... 2017-08-25 11:06:33 +02:00
bcache.txt bcache.txt: standardize document format 2017-07-14 13:51:27 -06:00
bt8xxgpio.txt bt8xxgpio.txt: standardize document format 2017-07-14 13:51:27 -06:00
btmrvl.txt btmrvl.txt: standardize document format 2017-07-14 13:51:27 -06:00
bus-virt-phys-mapping.txt bus-virt-phys-mapping.txt: standardize document format 2017-07-14 13:51:28 -06:00
cachetlb.txt cachetlb.txt: standardize document format 2017-07-14 13:51:28 -06:00
cgroup-v2.txt cgroup: add cgroup.stat interface with basic hierarchy stats 2017-08-02 12:05:20 -07:00
circular-buffers.txt circular-buffers.txt: standardize document format 2017-07-14 13:51:29 -06:00
clk.txt clk.txt: standardize document format 2017-07-14 13:51:29 -06:00
conf.py docs: Fix conf.py for Sphinx 2.0 2019-06-09 09:18:17 +02:00
cpu-load.txt cpu-load: standardize document format 2017-07-14 13:51:30 -06:00
cputopology.txt cputopology.txt: standardize document format 2017-07-14 13:51:30 -06:00
crc32.txt crc32.txt: standardize document format 2017-07-14 13:51:30 -06:00
dcdbas.txt dcdbas.txt: standardize document format 2017-07-14 13:51:31 -06:00
debugging-modules.txt
debugging-via-ohci1394.txt debugging-via-ohci1394.txt: standardize document format 2017-07-14 13:51:34 -06:00
dell_rbu.txt dell_rbu.txt: standardize document format 2017-07-14 13:58:12 -06:00
digsig.txt digsig.txt: standardize document format 2017-07-14 13:51:31 -06:00
docutils.conf
dontdiff Remove gperf usage from toolchain 2017-08-19 11:02:53 -07:00
efi-stub.txt efi-stub.txt: standardize document format 2017-07-14 13:51:34 -06:00
eisa.txt eisa.txt: standardize document format 2017-07-14 13:51:34 -06:00
errseq.rst Documentation: add some docs for errseq_t 2017-07-29 09:01:02 -04:00
flexible-arrays.txt flexible-arrays.txt: standardize document format 2017-07-14 13:51:35 -06:00
futex-requeue-pi.txt futex-requeue-pi.txt: standardize document format 2017-07-14 13:51:35 -06:00
gcc-plugins.txt gcc-plugins.txt: standardize document format 2017-07-14 13:51:36 -06:00
highuid.txt highuid.txt: standardize document format 2017-07-14 13:51:36 -06:00
hw_random.txt hw_random.txt: standardize document format 2017-07-14 13:51:37 -06:00
hwspinlock.txt hwspinlock.txt: standardize document format 2017-07-14 13:51:37 -06:00
index.rst x86/speculation/mds: Add mds_clear_cpu_buffers() 2019-05-14 19:18:43 +02:00
intel_txt.txt intel_txt.txt: standardize document format 2017-07-14 13:51:38 -06:00
io-mapping.txt io-mapping.txt: standardize document format 2017-07-14 13:51:38 -06:00
io_ordering.txt io_ordering.txt: standardize document format 2017-07-14 13:51:39 -06:00
iostats.txt iostats.txt: update it to cover recent Kernels 2017-07-14 13:51:40 -06:00
irqflags-tracing.txt irqflags-tracing.txt: standardize document format 2017-07-14 13:51:42 -06:00
isa.txt isa.txt: standardize document format 2017-07-14 13:51:43 -06:00
isapnp.txt isapnp.txt: promote title level 2017-07-14 13:51:43 -06:00
kernel-doc-nano-HOWTO.txt docs: update old references for DocBook from the documentation 2017-05-16 08:44:19 -03:00
kernel-per-CPU-kthreads.txt kernel-per-CPU-kthreads.txt: standardize document format 2017-07-14 13:51:43 -06:00
kobject.txt kobject.txt: standardize document format 2017-07-14 13:51:44 -06:00
kprobes.txt docs: kprobes.txt: Fix whitespacing 2017-07-14 13:58:14 -06:00
kref.txt kref.txt: standardize document format 2017-07-14 13:51:45 -06:00
ldm.txt ldm.txt: standardize document format 2017-07-14 13:51:45 -06:00
lockup-watchdogs.txt lockup-watchdogs.txt: standardize document format 2017-07-14 13:51:46 -06:00
logo.gif
logo.txt
lsm.txt docs-rst: convert lsm from DocBook to ReST 2017-05-16 08:44:19 -03:00
lzo.txt lzo.txt: standardize document format 2017-07-14 13:51:46 -06:00
mailbox.txt mailbox.txt: standardize document format 2017-07-14 13:51:47 -06:00
memory-barriers.txt Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-09-04 11:52:29 -07:00
memory-hotplug.txt memory-hotplug.txt: standardize document format 2017-07-14 13:57:53 -06:00
men-chameleon-bus.txt men-chameleon-bus.txt: standardize document format 2017-07-14 13:57:54 -06:00
nommu-mmap.txt nommu-mmap.txt: don't use all upper case on titles 2017-07-14 13:57:55 -06:00
ntb.txt This series converts a number of top-level documents to the RST format 2017-07-15 12:58:58 -07:00
numastat.txt numastat.txt: standardize document format 2017-07-14 13:57:56 -06:00
padata.txt padata.txt: standardize document format 2017-07-14 13:57:56 -06:00
parport-lowlevel.txt parport-lowlevel.txt: standardize document format 2017-07-14 13:57:57 -06:00
percpu-rw-semaphore.txt percpu-rw-semaphore.txt: standardize document format 2017-07-14 13:57:58 -06:00
phy.txt phy.txt: standardize document format 2017-07-14 13:57:58 -06:00
pi-futex.txt pi-futex.txt: standardize document format 2017-07-14 13:57:59 -06:00
pnp.txt pnp.txt: standardize document format 2017-07-14 13:57:59 -06:00
preempt-locking.txt preempt-locking.txt: standardize document format 2017-07-14 13:58:00 -06:00
printk-formats.txt lib/vsprintf: Remove atomic-unsafe support for %pCr 2018-07-03 11:24:48 +02:00
pwm.txt pwm: Standardize document format 2017-07-06 08:23:30 +02:00
rbtree.txt rbtree: cache leftmost node internally 2017-09-08 18:26:48 -07:00
remoteproc.txt remoteproc.txt: standardize document format 2017-07-14 13:58:02 -06:00
rfkill.txt rfkill.txt: standardize document format 2017-07-14 13:58:02 -06:00
robust-futex-ABI.txt robust-futex-ABI.txt: standardize document format 2017-07-14 13:58:03 -06:00
robust-futexes.txt robust-futexes.txt: standardize document format 2017-07-14 13:58:03 -06:00
rpmsg.txt rpmsg.txt: standardize document format 2017-07-14 13:58:04 -06:00
rtc.txt rtc: add generic nvmem support 2017-07-07 13:14:14 +02:00
sgi-ioc4.txt sgi-ioc4.txt: standardize document format 2017-07-14 13:58:05 -06:00
siphash.txt siphash.txt: standardize document format 2017-07-14 13:58:06 -06:00
smsc_ece1099.txt smsc_ece1099.txt: standardize document format 2017-07-14 13:58:07 -06:00
speculation.txt Documentation: Document array_index_nospec 2018-02-07 11:12:22 -08:00
static-keys.txt jump_label: Provide hotplug context variants 2017-08-10 12:28:59 +02:00
svga.txt svga.txt: standardize document format 2017-07-14 13:58:08 -06:00
switchtec.txt
sync_file.txt sync_file.txt: standardize document format 2017-05-24 13:01:27 -03:00
tee.txt tee.txt: standardize document format 2017-07-14 13:58:14 -06:00
this_cpu_ops.txt this_cpu_ops.txt: standardize document format 2017-07-14 13:58:08 -06:00
unaligned-memory-access.txt unaligned-memory-access.txt: standardize document format 2017-07-14 13:58:09 -06:00
vfio-mediated-device.txt vfio/mdev: Check globally for duplicate devices 2018-08-03 07:50:22 +02:00
vfio.txt vfio.txt: standardize document format 2017-07-14 13:58:10 -06:00
video-output.txt
xillybus.txt xillybus.txt: standardize document format 2017-07-14 13:58:11 -06:00
xz.txt xz.txt: standardize document format 2017-07-14 13:58:11 -06:00
zorro.txt zorro.txt: standardize document format 2017-07-14 13:58:12 -06:00