Merge branch 'tcp-fixes'

Eric Dumazet says: ==================== tcp: make sack processing more robust Jonathan Looney brought to our attention multiple problems in TCP stack at the sender side. SACK processing can be abused by malicious peers to either cause overflows, or increase of memory usage. First two patches fix the immediate problems. Since the malicious peers abuse senders by advertizing a very small MSS in their SYN or SYNACK packet, the last two patches add a new sysctl so that admins can chose a higher limit for MSS clamping. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
author: David S. Miller <davem@davemloft.net> 2019-06-17 10:39:56 -0700
committer: David S. Miller <davem@davemloft.net> 2019-06-17 10:39:56 -0700
commit: 4fddbf8a99ee5a65bdd31b3ebbf5a84b9395d496 (patch)
tree: 671cdce9ff92bdd0a99619f995bbcea9124735ad /include/net/netns/ipv4.h
parent: 6be8e297f9bcea666ea85ac7a6cd9d52d6deaf92 (diff)
parent: 967c05aee439e6e5d7d805e195b3a20ef5c433d6 (diff)
download: linux-4fddbf8a99ee5a65bdd31b3ebbf5a84b9395d496.tar.bz2
1 files changed, 1 insertions, 0 deletions
diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
index 7698460a3dd1..623cfbb7b8dc 100644
--- a/include/net/netns/ipv4.h
+++ b/include/net/netns/ipv4.h
@@ -117,6 +117,7 @@ struct netns_ipv4 {
 #endif
 	int sysctl_tcp_mtu_probing;
 	int sysctl_tcp_base_mss;
+	int sysctl_tcp_min_snd_mss;
 	int sysctl_tcp_probe_threshold;
 	u32 sysctl_tcp_probe_interval;
author	David S. Miller <davem@davemloft.net>	2019-06-17 10:39:56 -0700
committer	David S. Miller <davem@davemloft.net>	2019-06-17 10:39:56 -0700
commit	4fddbf8a99ee5a65bdd31b3ebbf5a84b9395d496 (patch)
tree	671cdce9ff92bdd0a99619f995bbcea9124735ad /include/net/netns/ipv4.h
parent	6be8e297f9bcea666ea85ac7a6cd9d52d6deaf92 (diff)
parent	967c05aee439e6e5d7d805e195b3a20ef5c433d6 (diff)
download	linux-4fddbf8a99ee5a65bdd31b3ebbf5a84b9395d496.tar.bz2