summaryrefslogtreecommitdiffstats
path: root/net/ipv4/tcp.c
diff options
context:
space:
mode:
authorDavid S. Miller2019-06-17 19:39:56 +0200
committerDavid S. Miller2019-06-17 19:39:56 +0200
commit4fddbf8a99ee5a65bdd31b3ebbf5a84b9395d496 (patch)
tree671cdce9ff92bdd0a99619f995bbcea9124735ad /net/ipv4/tcp.c
parentlapb: fixed leak of control-blocks. (diff)
parenttcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (diff)
downloadkernel-qcow2-linux-4fddbf8a99ee5a65bdd31b3ebbf5a84b9395d496.tar.gz
kernel-qcow2-linux-4fddbf8a99ee5a65bdd31b3ebbf5a84b9395d496.tar.xz
kernel-qcow2-linux-4fddbf8a99ee5a65bdd31b3ebbf5a84b9395d496.zip
Merge branch 'tcp-fixes'
Eric Dumazet says: ==================== tcp: make sack processing more robust Jonathan Looney brought to our attention multiple problems in TCP stack at the sender side. SACK processing can be abused by malicious peers to either cause overflows, or increase of memory usage. First two patches fix the immediate problems. Since the malicious peers abuse senders by advertizing a very small MSS in their SYN or SYNACK packet, the last two patches add a new sysctl so that admins can chose a higher limit for MSS clamping. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/tcp.c')
-rw-r--r--net/ipv4/tcp.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index f448a288d158..7dc9ab84bb69 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -3873,6 +3873,7 @@ void __init tcp_init(void)
unsigned long limit;
unsigned int i;
+ BUILD_BUG_ON(TCP_MIN_SND_MSS <= MAX_TCP_OPTION_SPACE);
BUILD_BUG_ON(sizeof(struct tcp_skb_cb) >
FIELD_SIZEOF(struct sk_buff, cb));