linux-stable/include/net
Eric Dumazet cd6f35b842 tcp: add tcp_min_snd_mss sysctl
commit 5f3e2bf008 upstream.

Some TCP peers announce a very small MSS option in their SYN and/or
SYN/ACK messages.

This forces the stack to send packets with a very high network/cpu
overhead.

Linux has enforced a minimal value of 48. Since this value includes
the size of TCP options, and the options can consume up to 40
bytes, this means that each segment can include only 8 bytes of payload.

In some cases, it can be useful to increase the minimal value
to a saner value.

We still leave the default at 48 (TCP_MIN_SND_MSS), for compatibility
reasons.

Note that TCP_MAXSEG socket option enforces a minimal value
of (TCP_MIN_MSS). David Miller increased this minimal value
in commit c39508d6f1 ("tcp: Make TCP_MAXSEG minimum more correct.")
from 64 to 88.

We might in the future merge TCP_MIN_SND_MSS and TCP_MIN_MSS.

CVE-2019-11479 -- tcp mss hardcoded to 48

Signed-off-by: Eric Dumazet <edumazet@google.com>
Suggested-by: Jonathan Looney <jtl@netflix.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Tyler Hicks <tyhicks@canonical.com>
Cc: Bruce Curtis <brucec@netflix.com>
Cc: Jonathan Lemon <jonathan.lemon@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-06-17 19:52:44 +02:00
9p 9p: Implement show_options 2017-07-11 06:08:58 -04:00
bluetooth Revert "Bluetooth: Align minimum encryption key size for LE and BR/EDR connections" 2019-06-15 11:54:59 +02:00
caif caif: reduce stack size with KASAN 2019-05-08 07:20:45 +02:00
iucv License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
netfilter netfilter: ctnetlink: don't use conntrack/expect object addresses as id 2019-05-16 19:42:23 +02:00
netns tcp: add tcp_min_snd_mss sysctl 2019-06-17 19:52:44 +02:00
nfc nfc: nci: Potential off by one in ->pipes[] array 2019-05-16 19:42:32 +02:00
phonet phonet: fix building with clang 2019-03-23 14:35:16 +01:00
sctp sctp: avoid running the sctp state machine recursively 2019-05-08 07:20:44 +02:00
tc_act net/sched: don't dereference a->goto_chain to read the chain index 2019-05-04 09:15:20 +02:00
6lowpan.h
act_api.h Revert "net_sched: hold netns refcnt for each action" 2017-11-09 10:03:09 +09:00
addrconf.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
af_ieee802154.h
af_rxrpc.h rxrpc: Allow failed client calls to be retried 2017-08-29 10:55:20 +01:00
af_unix.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
af_vsock.h vsock: split dwork to avoid reinitializations 2018-08-22 07:46:08 +02:00
ah.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
arp.h ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled 2019-06-11 12:21:51 +02:00
atmclip.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ax25.h ax25: fix possible use-after-free 2019-02-23 09:06:44 +01:00
ax88796.h
bond_3ad.h
bond_alb.h
bond_options.h
bonding.h bonding: avoid possible dead-lock 2018-10-18 09:16:17 +02:00
busy_poll.h net: fix compilation when busy poll is not enabled 2017-08-11 14:59:24 -07:00
calipso.h net, calipso: convert calipso_doi.refcount from atomic_t to refcount_t 2017-07-04 22:35:16 +01:00
cfg80211-wext.h
cfg80211.h mac80211_hwsim: validate number of different channels 2018-02-25 11:07:45 +01:00
cfg802154.h
checksum.h
cipso_ipv4.h net, ipv4: convert cipso_v4_doi.refcount from atomic_t to refcount_t 2017-07-04 01:29:04 -07:00
cls_cgroup.h
codel.h
codel_impl.h
codel_qdisc.h
compat.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
datalink.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dcbevent.h
dcbnl.h
devlink.h devlink: Add IPv6 header for dpipe 2017-08-31 14:42:19 -07:00
dn.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dn_dev.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dn_fib.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dn_neigh.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dn_nsp.h
dn_route.h
dsa.h net: dsa: Allow switch drivers to indicate number of TX queues 2017-09-05 11:53:34 -07:00
dsfield.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dst.h net: don't call update_pmtu unconditionally 2018-05-09 09:51:48 +02:00
dst_cache.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dst_metadata.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dst_ops.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
erspan.h gre: introduce native tunnel support for ERSPAN 2017-08-22 14:29:30 -07:00
esp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ethoc.h
fib_notifier.h net: Add module reference to FIB notifiers 2017-09-01 20:33:42 -07:00
fib_rules.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
firewire.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
flow.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
flow_dissector.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fou.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fq.h
fq_impl.h fq_impl: Properly enforce memory limit 2017-10-18 09:40:35 +02:00
garp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gen_stats.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
genetlink.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
geneve.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gre.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gro_cells.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gtp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gue.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hwbm.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
icmp.h net: Add __icmp_send helper. 2019-03-13 14:03:09 -07:00
ieee80211_radiotap.h
ieee802154_netdev.h
if_inet6.h net, ipv6: convert ifacaddr6.aca_refcnt from atomic_t to refcount_t 2017-07-04 01:29:04 -07:00
ife.h net: sched: ife: handle malformed tlv length 2018-04-29 11:33:13 +02:00
ila.h
inet6_connection_sock.h
inet6_hashtables.h net: ipv6: add second dif to inet6 socket lookups 2017-08-07 11:39:22 -07:00
inet_common.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
inet_connection_sock.h
inet_ecn.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
inet_frag.h net: IP defrag: encapsulate rbtree defrag code into callable functions 2019-04-27 09:35:40 +02:00
inet_hashtables.h net: ipv4: add second dif to inet socket lookups 2017-08-07 11:39:21 -07:00
inet_sock.h inet: make sure to grab rcu_read_lock before using ireq->ireq_opt 2018-10-18 09:16:21 +02:00
inet_timewait_sock.h soreuseport: initialise timewait reuseport field 2018-05-16 10:10:24 +02:00
inetpeer.h net: ipv4: use a dedicated counter for icmp_v4 redirect packets 2019-02-23 09:06:42 +01:00
ip.h vrf: check accept_source_route on the original netdevice 2019-04-17 08:37:48 +02:00
ip6_checksum.h
ip6_fib.h ipv6: fix the check before getting the cookie in rt6_get_cookie 2019-06-11 12:21:47 +02:00
ip6_route.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ip6_tunnel.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ip_fib.h net: ipv4: Fix memory leak in network namespace dismantle 2019-01-31 08:13:42 +01:00
ip_tunnels.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ip_vs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ipcomp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ipconfig.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ipv6.h ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module 2019-04-27 09:35:40 +02:00
ipv6_frag.h net: IP6 defrag: use rbtrees for IPv6 defrag 2019-04-27 09:35:40 +02:00
ipx.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
iw_handler.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
kcm.h
l3mdev.h ipvlan, l3mdev: fix broken l3s mode wrt local routes 2019-02-06 17:31:33 +01:00
lapb.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
lib80211.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
llc.h llc: use refcount_inc_not_zero() for llc_sap_find() 2018-08-22 07:46:08 +02:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h llc: properly handle dev_queue_xmit() return value 2018-05-30 07:52:20 +02:00
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
lwtunnel.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mac80211.h mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 2018-05-30 07:51:58 +02:00
mac802154.h
mip6.h
mld.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mpls.h
mpls_iptunnel.h
mrp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ncsi.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ndisc.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
neighbour.h neighbour: Avoid writing before skb->head in neigh_hh_output() 2018-12-17 09:28:45 +01:00
net_namespace.h netns: provide pure entropy for net_hash_mix() 2019-04-17 08:37:50 +02:00
net_ratelimit.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
netevent.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
netlabel.h net: convert netlbl_lsm_cache.refcount from atomic_t to refcount_t 2017-07-01 07:39:09 -07:00
netlink.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
netprio_cgroup.h
netrom.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nexthop.h net: fix rtnh_ok() 2018-05-16 10:10:23 +02:00
nl802154.h
nsh.h net: add NSH header structures and helpers 2017-08-29 15:16:52 -07:00
p8022.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ping.h
pkt_cls.h net_sched: introduce tcf_exts_get_net() and tcf_exts_put_net() 2017-11-09 10:03:09 +09:00
pkt_sched.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pptp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
protocol.h IPv4: early demux can return an error code 2017-10-01 03:55:47 +01:00
psample.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
psnap.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
raw.h net: ipv4: add second dif to raw socket lookups 2017-08-07 11:39:21 -07:00
rawv6.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
red.h net_sched: red: Avoid illegal values 2018-02-25 11:07:59 +01:00
regulatory.h regulatory: add NUL to request alpha2 2018-05-30 07:52:01 +02:00
request_sock.h net: convert sock.sk_refcnt from atomic_t to refcount_t 2017-07-01 07:39:08 -07:00
rose.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
route.h ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu 2018-05-30 07:52:14 +02:00
rtnetlink.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sch_generic.h sch_netem: fix skb leak in netem_enqueue() 2018-03-31 18:10:40 +02:00
scm.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
secure_seq.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
seg6.h ipv6: sr: add support for ip4ip6 encapsulation 2017-08-25 17:10:23 -07:00
seg6_hmac.h
slhc_vj.h slip: Check if rstate is initialized before uncompressing 2018-04-19 08:56:16 +02:00
smc.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
snmp.h
sock.h packets: Always register packet sk in the same order 2019-04-03 06:25:09 +02:00
sock_reuseport.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Space.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
stp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
strparser.h strparser: Use delayed work instead of timer for msg timeout 2017-10-25 10:37:11 +09:00
switchdev.h net: switchdev: Remove bridge bypass support from switchdev 2017-08-07 14:48:48 -07:00
tcp.h tcp: limit payload size of sacked skbs 2019-06-17 19:52:43 +02:00
tcp_states.h
timewait_sock.h
tls.h tls: Fix TLS ulp context leak, when TLS_TX setsockopt is not used. 2018-12-05 19:41:10 +01:00
transp_v6.h udp: fix rx queue len reported by diag and proc interface 2018-06-26 08:06:28 +08:00
tso.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tun_proto.h vxlan: factor out VXLAN-GPE next protocol 2017-08-29 15:16:52 -07:00
udp.h udp: fix rx queue len reported by diag and proc interface 2018-06-26 08:06:28 +08:00
udp_tunnel.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
udplite.h udplite: fix partial checksum initialization 2018-03-08 22:41:10 -08:00
vsock_addr.h
vxlan.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
wext.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
wimax.h
x25.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
x25device.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm.h xfrm: Reinject transport-mode packets through tasklet 2018-03-03 10:24:25 +01:00