linux/Documentation/networking
Eric Dumazet 5f3e2bf008 tcp: add tcp_min_snd_mss sysctl
Some TCP peers announce a very small MSS option in their SYN and/or
SYN/ACK messages.

This forces the stack to send packets with a very high network/cpu
overhead.

Linux has enforced a minimal value of 48. Since this value includes
the size of TCP options, and that the options can consume up to 40
bytes, this means that each segment can include only 8 bytes of payload.

In some cases, it can be useful to increase the minimal value
to a saner value.

We still let the default to 48 (TCP_MIN_SND_MSS), for compatibility
reasons.

Note that TCP_MAXSEG socket option enforces a minimal value
of (TCP_MIN_MSS). David Miller increased this minimal value
in commit c39508d6f1 ("tcp: Make TCP_MAXSEG minimum more correct.")
from 64 to 88.

We might in the future merge TCP_MIN_SND_MSS and TCP_MIN_MSS.

CVE-2019-11479 -- tcp mss hardcoded to 48

Signed-off-by: Eric Dumazet <edumazet@google.com>
Suggested-by: Jonathan Looney <jtl@netflix.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Tyler Hicks <tyhicks@canonical.com>
Cc: Bruce Curtis <brucec@netflix.com>
Cc: Jonathan Lemon <jonathan.lemon@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-06-15 18:47:31 -07:00
..
caif
device_drivers Documentation: net: move device drivers docs to a submenu 2019-05-22 12:18:20 -07:00
dsa Documentation: net: dsa: sja1105: Add info about supported traffic modes 2019-05-05 21:52:42 -07:00
mac80211_hwsim mac80211_hwsim: suggest nl80211 instead of wext driver in documentation 2016-10-17 11:38:01 +02:00
6lowpan.txt docs: networking: fix minor typos in various documentation files 2018-06-04 17:21:28 -04:00
6pack.txt
PLIP.txt
af_xdp.rst Documentation/networking: fix af_xdp.rst Sphinx warnings 2019-05-21 16:19:49 +02:00
alias.rst docs: networking: Convert alias.txt to rst 2018-07-18 15:28:27 -07:00
altera_tse.txt
arcnet-hardware.txt
arcnet.txt
atm.txt
ax25.txt
batman-adv.rst batman-adv: Drop documentation about sysfs files 2019-03-25 09:31:35 +01:00
baycom.txt
bonding.txt bonding: Fix a typo in bonding.txt 2018-07-16 13:32:12 -07:00
bridge.rst docs: networking: Convert bridge.txt to rst 2018-07-18 15:28:27 -07:00
can.rst docs: can.rst: fix a footnote reference 2018-06-15 12:48:59 -03:00
can_ucan_protocol.rst can: ucan: add driver for Theobroma Systems UCAN devices 2018-07-27 10:40:16 +02:00
cdc_mbim.txt Documentation: fix usb related doc refs 2017-10-12 11:15:48 -06:00
checksum-offloads.rst doc: networking: shorten the main title in offloads documents 2019-01-07 15:27:51 -07:00
conf.py docs-rst: convert networking book to ReST 2017-05-16 08:44:13 -03:00
cops.txt
cxacru-cf.py
cxacru.txt
dccp.txt
dctcp.txt
decnet.txt Documentation: decnet: remove reference to CONFIG_DECNET_ROUTE_FWMARK 2019-04-21 11:25:11 -07:00
defza.txt FDDI: defza: Add support for DEC FDDIcontroller 700 TURBOchannel adapter 2018-10-15 21:46:06 -07:00
devlink-health.txt devlink: Add Documentation/networking/devlink-health.txt 2019-02-07 10:34:29 -08:00
devlink-info-versions.rst Documentation: networking: devlink-info-versions: Add fw.psid 2019-04-08 16:28:01 -07:00
devlink-params-bnxt.txt devlink: Add Documentation/networking/devlink-params-bnxt.txt 2018-10-04 13:49:43 -07:00
devlink-params-mlxsw.txt mlxsw: spectrum: add "acl_region_rehash_interval" devlink param 2019-02-08 15:02:50 -08:00
devlink-params.txt devlink: Add 'fw_load_policy' generic parameter 2018-12-03 13:55:43 -08:00
dns_resolver.txt doc: ReSTify keys-request-key.txt 2017-05-18 10:33:51 -06:00
driver.txt
eql.txt
failover.rst net: Introduce generic failover module 2018-05-28 22:59:54 -04:00
fib_trie.txt
filter.txt docs/bpf: minor casing/punctuation fixes 2019-03-02 00:40:04 +01:00
fore200e.txt
framerelay.txt
gen_stats.txt net: sched: do not acquire qdisc spinlock in qdisc/class stats dump 2016-06-07 16:37:14 -07:00
generic-hdlc.txt
generic_netlink.txt
gtp.txt docs: networking: fix minor typos in various documentation files 2018-06-04 17:21:28 -04:00
hinic.txt net-next/hinic: Initialize hw interface 2017-08-22 10:48:52 -07:00
ieee802154.rst doc: net: ieee802154: introduce IEEE 802.15.4 subsystem doc in rst style 2019-03-01 17:03:00 -08:00
ila.txt docs: networking: fix minor typos in various documentation files 2018-06-04 17:21:28 -04:00
index.rst Documentation: add TLS offload documentation 2019-05-22 12:18:20 -07:00
ip-sysctl.txt tcp: add tcp_min_snd_mss sysctl 2019-06-15 18:47:31 -07:00
ip_dynaddr.txt
ipddp.txt
iphase.txt
ipsec.txt docs: networking: fix minor typos in various documentation files 2018-06-04 17:21:28 -04:00
ipv6.txt
ipvlan.txt docs: networking: fix minor typos in various documentation files 2018-06-04 17:21:28 -04:00
ipvs-sysctl.txt ipvs: Document sysctl pmtu_disc 2017-03-16 13:33:39 +01:00
kapi.rst sfp: add documentation for kernel APIs 2017-12-05 11:16:19 -05:00
kcm.txt docs: networking: fix minor typos in various documentation files 2018-06-04 17:21:28 -04:00
l2tp.txt net: l2tp: deprecate PPPOL2TP_MSG_* in favour of L2TP_MSG_* 2016-12-10 23:29:11 -05:00
lapb-module.txt
ltpc.txt
mac80211-auth-assoc-deauth.txt
mac80211-injection.txt
mpls-sysctl.txt mpls: allow TTL propagation from IP packets to be configured 2017-03-13 15:29:22 -07:00
msg_zerocopy.rst doc: fix link to MSG_ZEROCOPY patchset 2019-03-18 09:50:21 -07:00
multiqueue.txt
net_dim.txt Documentation/networking: Add net DIM documentation 2018-03-22 14:50:44 -04:00
net_failover.rst docs: networking: Fix failover build warnings 2018-07-16 11:23:54 -07:00
netconsole.txt docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
netdev-FAQ.rst Documentation: fix netdev-FAQ.rst markup warning 2019-05-01 09:12:51 -04:00
netdev-features.txt docs-networking: fix typo in define 2018-11-21 10:30:30 -08:00
netdevices.txt
netfilter-sysctl.txt netfilter: allow logging from non-init namespaces 2017-02-02 14:31:58 +01:00
netif-msg.txt
nf_conntrack-sysctl.txt netfilter: conntrack: register sysctl table for gre 2018-12-21 00:51:25 +01:00
nf_flowtable.txt netfilter: nf_flowtable: remove duplicated transition in diagram 2019-03-19 15:02:52 +01:00
nfc.txt
openvswitch.txt
operstates.txt Documentation: bring operstate documentation up-to-date 2019-02-11 12:38:51 -08:00
packet_mmap.txt doc: remove out of date links and info from packet mmap 2018-03-16 10:48:52 -04:00
phonet.txt
phy.rst Documentation: net: phy: switch documentation to rst format 2019-01-26 09:16:55 -08:00
pktgen.txt Documentation/pktgen: Clearify how-to use pktgen samples 2018-01-24 15:03:36 -05:00
ppp_generic.txt ppp: remove the PPPIOCDETACH ioctl 2018-05-24 22:55:07 -04:00
proc_net_tcp.txt
radiotap-headers.txt
ray_cs.txt
rds.txt linux-next: DOC: RDS: Fix a typo in rds.txt 2019-06-12 09:56:29 -07:00
regulatory.txt cfg80211: reg: remove support for built-in regdb 2017-10-11 13:18:51 +02:00
rxrpc.txt rxrpc: Allow the kernel to mark a call as being non-interruptible 2019-05-16 16:25:20 +01:00
scaling.rst doc: networking: integrate scaling document into doc tree 2019-01-20 19:10:49 -07:00
sctp.txt
secid.txt
seg6-sysctl.txt ipv6: sr: add documentation file for per-interface sysctls 2016-11-09 20:40:06 -05:00
segmentation-offloads.rst networking: : fix typos in code comments 2019-05-20 20:24:34 -04:00
sfp-phylink.rst doc: add phylink documentation to the networking book 2019-02-24 12:39:45 -08:00
skfp.txt
snmp_counter.rst networking: fix snmp_counter.rst Doc. Warnings 2019-03-17 19:37:08 -07:00
strparser.txt strparser: Corrected typo in documentation. 2018-06-24 16:40:20 +09:00
switchdev.txt switchdev: Remove unused transaction item queue 2019-03-01 21:35:19 -08:00
tc-actions-env-rules.txt
tcp-thin.txt
team.txt
timestamping.txt socket: Update timestamping Documentation 2019-02-03 11:17:31 -08:00
tls-offload-layers.svg Documentation: add TLS offload documentation 2019-05-22 12:18:20 -07:00
tls-offload-reorder-bad.svg Documentation: add TLS offload documentation 2019-05-22 12:18:20 -07:00
tls-offload-reorder-good.svg Documentation: add TLS offload documentation 2019-05-22 12:18:20 -07:00
tls-offload.rst Documentation: add TLS offload documentation 2019-05-22 12:18:20 -07:00
tls.rst Documentation: add TLS offload documentation 2019-05-22 12:18:20 -07:00
tproxy.txt netfilter: doc: Add nf_tables part in tproxy.txt 2018-08-16 19:37:07 +02:00
tuntap.txt
udplite.txt
vrf.txt net: provide a sysctl raw_l3mdev_accept for raw socket lookup with VRFs 2018-11-07 16:12:38 -08:00
vxlan.txt
x25-iface.txt
x25.txt
xfrm_device.txt net: switch secpath to use skb extension infrastructure 2018-12-19 11:21:38 -08:00
xfrm_proc.txt xfrm: update the stats documentation 2017-12-22 06:45:48 +01:00
xfrm_sync.txt
xfrm_sysctl.txt
z8530book.rst docs-rst: convert scsi DocBook to ReST 2017-05-16 08:44:15 -03:00
z8530drv.txt