armbian/linux
0
0
Fork 0
mirror of https://github.com/armbian/linux.git synced 2026-01-06 10:13:00 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
cdfcbd8d74fdfd7a0d55330a1b60411b153ae71b
linux/include/net
History
Eric Dumazet 86791bbfe5 tcp: implement RFC 5961 3.2 
[ Upstream commit 282f23c6ee ]

Implement the RFC 5691 mitigation against Blind
Reset attack using RST bit.

Idea is to validate incoming RST sequence,
to match RCV.NXT value, instead of previouly accepted
window : (RCV.NXT <= SEG.SEQ < RCV.NXT+RCV.WND)

If sequence is in window but not an exact match, send
a "challenge ACK", so that the other part can resend an
RST with the appropriate sequence.

Add a new sysctl, tcp_challenge_ack_limit, to limit
number of challenge ACK sent per second.

Add a new SNMP counter to count number of challenge acks sent.
(netstat -s | grep TCPChallengeACK)

Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Kiran Kumar Kella <kkiran@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-01-11 09:03:48 -08:00
..
9p
fs/9p: Use protocol-defined value for lock/getlock 'type' field.
2011-10-03 11:40:22 -07:00
bluetooth
Bluetooth: hci_core: fix NULL-pointer dereference at unregister
2012-04-22 16:21:42 -07:00
caif
caif: Update documentation of CAIF transmit and receive functions.
2011-05-22 20:11:48 -04:00
irda
Fix common misspellings
2011-03-31 11:26:23 -03:00
iucv
Fix common misspellings
2011-03-31 11:26:23 -03:00
netfilter
netfilter: nf_conntrack: fix racy timer handling with reliable events
2012-10-21 09:17:11 -07:00
netns
netns: Fail conspicously if someone uses net_generic at an inappropriate time.
2012-02-03 09:19:03 -08:00
phonet
net: dont hold rtnl mutex during netlink dump callbacks
2011-05-02 15:26:28 -07:00
sctp
sctp: check cached dst before using it
2012-06-10 00:33:03 +09:00
tc_act
net/sched: add ACT_CSUM action to update packets checksums
2010-08-20 01:42:59 -07:00
act_api.h
pkt_sched: gen_kill_estimator() rcu fixes
2010-06-11 18:37:08 -07:00
addrconf.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
af_ieee802154.h
af_rxrpc.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
af_unix.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
ah.h
ipsec: update MAX_AH_AUTH_LEN to support sha512
2011-01-13 21:48:25 -08:00
arp.h
net: fix NULL dereferences in check_peer_redir()
2012-02-13 11:06:13 -08:00
atmclip.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
ax25.h
ax88796.h
cfg80211.h
mac80211: fix rx->key NULL dereference during mic failure
2011-06-27 14:45:25 -04:00
checksum.h
cipso_ipv4.h
cipso: handle CIPSO options correctly when NetLabel is disabled
2012-07-16 08:47:36 -07:00
cls_cgroup.h
Merge commit 'v2.6.36-rc7' into core/rcu
2010-10-07 09:43:45 +02:00
compat.h
net: Add sendmmsg socket system call
2011-05-05 11:10:14 -07:00
datalink.h
dcbevent.h
net_dcb: add application notifiers
2010-12-31 10:47:46 -08:00
dcbnl.h
dcbnl: add support for retrieving peer configuration - cee
2011-03-02 21:58:55 -08:00
dn_dev.h
decnet: RCU conversion and get rid of dev_base_lock
2010-11-08 13:50:08 -08:00
dn_fib.h
decnet: Convert to use flowidn where applicable.
2011-03-12 15:08:55 -08:00
dn_neigh.h
dn_nsp.h
net: use __packed annotation
2010-06-03 03:21:52 -07:00
dn_route.h
decnet: Convert to use flowidn where applicable.
2011-03-12 15:08:55 -08:00
dn.h
decnet: Convert to use flowidn where applicable.
2011-03-12 15:08:55 -08:00
dsa.h
dsfield.h
dst_ops.h
net: Implement read-only protection and COW'ing of metrics.
2011-01-26 20:51:05 -08:00
dst.h
ipv6: fix incorrect ipsec fragment
2012-06-10 00:33:02 +09:00
esp.h
ethoc.h
fib_rules.h
fib_rules: __rcu annotates ctarget
2010-10-27 11:37:32 -07:00
flow.h
ipv4: reset flowi parameters on route connect
2012-02-29 16:34:03 -08:00
garp.h
garp: remove last synchronize_rcu() call
2011-05-12 17:46:56 -04:00
gen_stats.h
Fix common misspellings
2011-03-31 11:26:23 -03:00
genetlink.h
treewide: fix a few typos in comments
2011-05-10 10:16:21 +02:00
gre.h
PPTP: PPP over IPv4 (Point-to-Point Tunneling Protocol)
2010-08-21 23:05:39 -07:00
icmp.h
inetpeer: Move ICMP rate limiting state into inet_peer entries.
2011-02-04 15:59:53 -08:00
ieee80211_radiotap.h
mac80211: add MCS information to radiotap
2011-01-28 15:44:29 -05:00
ieee802154_netdev.h
ieee802154.h
if_inet6.h
ipv6: reduce per device ICMP mib sizes
2011-05-19 16:21:22 -04:00
inet6_connection_sock.h
inet: Pass flowi to ->queue_xmit().
2011-05-08 15:28:28 -07:00
inet6_hashtables.h
inet_common.h
inet, inet6: make tcp_sendmsg() and tcp_sendpage() through inet_sendmsg() and inet_sendpage()
2010-07-12 20:21:46 -07:00
inet_connection_sock.h
ipv4: Make caller provide flowi4 key to inet_csk_route_req().
2011-05-18 18:32:03 -04:00
inet_ecn.h
ipv6: restore correct ECN handling on TCP xmit
2011-05-12 18:52:14 -04:00
inet_frag.h
fragment: add fast path for in-order fragments
2010-06-30 13:44:29 -07:00
inet_hashtables.h
tproxy: fix hash locking issue when using port redirection in __inet_inherit_port()
2010-10-21 13:06:43 +02:00
inet_sock.h
ipv4: Save nexthop address of LSRR/SSRR option to IPCB.
2012-02-29 16:34:02 -08:00
inet_timewait_sock.h
net: optimize INET input path further
2010-12-09 20:05:58 -08:00
inetpeer.h
inet: constify ip headers and in6_addr
2011-04-22 11:04:14 -07:00
ip6_checksum.h
ip6_fib.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
ip6_route.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
ip6_tunnel.h
tunnels: add _rcu annotations
2010-10-25 13:09:45 -07:00
ip_fib.h
ipv4: Call fib_select_default() only when actually necessary.
2011-04-14 15:05:22 -07:00
ip_vs.h
ipvs: fix oops on NAT reply in br_nf context
2012-10-21 09:17:11 -07:00
ip.h
ipv4: Pass explicit daddr arg to ip_send_reply().
2011-05-10 13:32:46 -07:00
ipcomp.h
ipconfig.h
ipip.h
tunnels: add __rcu annotations
2010-10-27 11:37:32 -07:00
ipv6.h
ipv6: fix NULL dereference in udp6_ufo_fragment()
2011-10-16 14:14:54 -07:00
ipx.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
iw_handler.h
Fix common misspellings
2011-03-31 11:26:23 -03:00
lapb.h
lib80211.h
lib80211: remove unused host_build_iv option
2010-07-26 15:09:04 -04:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h
bonding,llc: Fix structure sizeof incompatibility for some PDUs
2011-05-13 15:13:24 -04:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
mac80211.h
Merge ssh://master.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem
2011-05-24 16:47:54 -04:00
mip6.h
net: use __packed annotation
2010-06-03 03:21:52 -07:00
mld.h
ipv6 mcast: Introduce include/net/mld.h for MLD definitions.
2010-04-23 13:35:55 +09:00
ndisc.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
neighbour.h
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2010-11-19 13:13:47 -08:00
net_namespace.h
Delay struct net freeing while there's a sysfs instance refering to it
2011-06-12 17:45:41 -04:00
net_ratelimit.h
net: Kill ratelimit.h dependency in linux/net.h
2011-05-27 13:41:33 -04:00
netdma.h
netevent.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
netlabel.h
netlink.h
treewide: fix a few typos in comments
2011-05-10 10:16:21 +02:00
netrom.h
nexthop.h
nl802154.h
p8022.h
ping.h
net: ping: fix build failure
2011-05-17 14:16:58 -04:00
pkt_cls.h
net: Fix range checks in tcf_valid_offset().
2010-12-21 12:43:16 -08:00
pkt_sched.h
Fix common misspellings
2011-03-31 11:26:23 -03:00
protocol.h
net: change netdev->features to u32
2011-01-24 15:32:47 -08:00
psnap.h
raw.h
include/net/raw.h: Convert raw_seq_private macro to inline
2010-09-08 13:42:22 -07:00
rawv6.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
red.h
sched: remove unused backlog in RED stats
2011-01-12 19:00:39 -08:00
regulatory.h
cfg80211: Fix regulatory bug with multiple cards and delays
2010-11-22 15:48:51 -05:00
request_sock.h
rose.h
rose: Add length checks to CALL_REQUEST parsing
2011-03-27 17:59:04 -07:00
route.h
ipv4: reset flowi parameters on route connect
2012-02-29 16:34:03 -08:00
rtnetlink.h
rtnl: make link af-specific updates atomic
2010-11-27 22:56:08 -08:00
sch_generic.h
bonding: Fix corrupted queue_mapping
2012-07-16 08:47:37 -07:00
scm.h
scm: lower SCM_MAX_FD
2010-11-24 11:16:43 -08:00
secure_seq.h
net: Compute protocol sequence numbers and fragment IDs using MD5.
2011-08-15 18:31:35 -07:00
slhc_vj.h
snmp.h
ipv6: reduce per device ICMP mib sizes
2011-05-19 16:21:22 -04:00
sock.h
tcp: Apply device TSO segment limit earlier
2012-10-02 09:47:04 -07:00
stp.h
tcp_states.h
tcp.h
tcp: implement RFC 5961 3.2
2013-01-11 09:03:48 -08:00
timewait_sock.h
timewait_sock: Create and use getpeer op.
2010-12-01 18:09:13 -08:00
transp_v6.h
ipv6: make fragment identifications less predictable
2011-08-15 18:31:37 -07:00
udp.h
udp: Switch to ip_finish_skb
2011-03-01 12:35:03 -08:00
udplite.h
udp: Switch to ip_finish_skb
2011-03-01 12:35:03 -08:00
wext.h
wimax.h
net: Remove __KERNEL__ cpp checks from include/net
2011-04-24 10:54:56 -07:00
wpan-phy.h
Fix common misspellings
2011-03-31 11:26:23 -03:00
x25.h
X25 remove bkl in subscription ioctls
2010-11-28 11:12:20 -08:00
x25device.h
X25: Add if_x25.h and x25 to device identifiers
2010-04-22 16:12:36 -07:00
xfrm.h
xfrm: Workaround incompatibility of ESN and async crypto
2012-10-13 05:28:03 +09:00