Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-22 20:22:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
f4dca95fc0
linux/include/net
History
Eric Dumazet f4dca95fc0 tcp: reduce accepted window in NEW_SYN_RECV state 
Jason commit made checks against ACK sequence less strict
and can be exploited by attackers to establish spoofed flows
with less probes.

Innocent users might use tcp_rmem[1] == 1,000,000,000,
or something more reasonable.

An attacker can use a regular TCP connection to learn the server
initial tp->rcv_wnd, and use it to optimize the attack.

If we make sure that only the announced window (smaller than 65535)
is used for ACK validation, we force an attacker to use
65537 packets to complete the 3WHS (assuming server ISN is unknown)

Fixes: 378979e94e ("tcp: remove 64 KByte limit for initial tp->rcv_wnd value")
Link: https://datatracker.ietf.org/meeting/119/materials/slides-119-tcpm-ghost-acks-00
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Reviewed-by: Jason Xing <kerneljasonxing@gmail.com>
Link: https://lore.kernel.org/r/20240523130528.60376-1-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2024-05-27 16:47:23 -07:00
..
9p netfs, 9p: Implement helpers for new write code 2024-05-01 18:07:37 +01:00
bluetooth Bluetooth: hci_core: Fix not handling hdev->le_num_of_adv_sets=1 2024-05-14 10:56:37 -04:00
caif net: caif: Remove unused declaration cfsrvl_ctrlcmd() 2023-08-10 18:24:48 -07:00
iucv s390/iucv: Unexport iucv_root 2024-05-14 20:21:04 +02:00
libeth libeth: add Rx buffer management 2024-04-24 11:06:25 -07:00
mana Merge branch mana-ib-flex of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git 2024-04-11 07:38:28 -07:00
netfilter netfilter: nf_tables: allow clone callbacks to sleep 2024-05-10 11:13:45 +02:00
netns net: Namespace-ify sysctl_optmem_max 2023-12-15 11:01:27 +00:00
nfc nfc: core: make nfc_class constant 2024-03-05 11:21:18 -08:00
page_pool dma-mapping updates for Linux 6.10 2024-05-20 10:23:39 -07:00
phonet net: ioctl: Use kernel memory on protocol ioctl callbacks 2023-06-15 22:33:26 -07:00
sctp sctp: preserve const qualifier in sctp_sk() 2024-02-05 11:08:06 +00:00
tc_act net/sched: Retire ipt action 2024-01-02 12:41:16 +00:00
6lowpan.h
act_api.h net/sched: Add helper macros with module names 2024-02-02 10:57:55 -08:00
addrconf.h ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr 2024-04-09 17:09:05 -07:00
af_ieee802154.h
af_rxrpc.h rxrpc, afs: Allow afs to pin rxrpc_peer objects 2023-12-24 15:22:50 +00:00
af_unix.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-04-25 12:41:37 -07:00
af_vsock.h virtio/vsock: send credit update during setting SO_RCVLOWAT 2023-12-15 10:37:35 +00:00
ah.h
amt.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
arp.h neighbour: switch to standard rcu, instead of rcu_bh 2023-03-21 21:32:18 -07:00
atmclip.h
ax25.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-05-14 10:53:19 -07:00
ax88796.h ax88796: Fix some typo in a comment 2022-08-09 22:14:02 -07:00
bareudp.h bareudp: Move definition of struct bareudp_conf to bareudp.c 2021-12-13 12:34:09 +00:00
bond_3ad.h bonding: Add independent control state machine 2024-02-06 13:17:54 +01:00
bond_alb.h bonding (gcc13): synchronize bond_{a,t}lb_xmit() types 2022-11-02 20:38:13 -07:00
bond_options.h bonding: Add independent control state machine 2024-02-06 13:17:54 +01:00
bonding.h bonding: Add independent control state machine 2024-02-06 13:17:54 +01:00
bpf_sk_storage.h
busy_poll.h net: add napi_busy_loop_rcu() 2024-02-09 10:01:09 -08:00
calipso.h
cfg80211-wext.h wifi: cfg80211: Avoid clashing function prototypes 2022-11-16 11:31:47 +02:00
cfg80211.h wifi: cfg80211: handle color change per link 2024-05-03 10:18:03 +02:00
cfg802154.h mac802154: fix llsec key resources release in mac802154_llsec_key_del 2024-03-06 21:01:26 +01:00
checksum.h net: checksum: drop the linux/uaccess.h include 2023-01-27 11:19:46 +00:00
cipso_ipv4.h netlabel: fix RCU annotation for IPv4 options on socket creation 2024-05-13 14:58:12 -07:00
cls_cgroup.h
codel_impl.h codel: remove unnecessary sock.h include 2021-12-22 15:03:47 -08:00
codel_qdisc.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
codel.h codel: fix kernel-doc notation warnings 2023-07-14 20:39:29 -07:00
compat.h net: copy from user before calling __get_compat_msghdr 2022-07-24 18:39:17 -06:00
datalink.h net: datalink: Remove unused declarations 2023-07-27 17:17:32 -07:00
dcbevent.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
dcbnl.h net: dcb: add helper functions to retrieve PCP and DSCP rewrite maps 2023-01-20 09:33:22 +00:00
devlink.h devlink: extend devlink_param *set pointer 2024-04-22 13:05:19 -07:00
dropreason-core.h tcp: introduce dropreasons in receive path 2024-02-28 10:39:21 +00:00
dropreason.h net: openvswitch: add last-action drop reason 2023-08-14 08:01:06 +01:00
dsa_stubs.h net: dsa: Use conduit and user terms 2023-10-24 13:08:14 -07:00
dsa.h net: dsa: add support switches global DSCP priority mapping 2024-05-08 10:35:10 +01:00
dscp.h net: add IEEE 802.1q specific helpers 2024-05-08 10:35:09 +01:00
dsfield.h
dst_cache.h net: dst_cache: annotate data-races around dst_cache->reset_ts 2024-05-08 18:49:51 -07:00
dst_metadata.h ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
dst_ops.h net: remove unnecessary input parameter 'how' in ifdown function 2023-08-22 13:19:02 +02:00
dst.h net: dst: Make dst_destroy() static and return void. 2024-02-06 11:45:53 +01:00
eee.h net: add helpers for EEE configuration 2024-03-05 19:21:17 -08:00
erspan.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
esp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
espintcp.h inet: preserve const qualifier in inet_csk() 2024-04-01 21:27:08 -07:00
ethoc.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
failover.h net: failover: add net device refcount tracker 2021-12-06 16:06:02 -08:00
fib_notifier.h
fib_rules.h fib: remove unnecessary input parameters in fib_default_rule_add 2024-01-03 16:42:48 -08:00
firewire.h firewire: net: Make use of get_unaligned_be48(), put_unaligned_be48() 2022-07-28 22:21:54 -07:00
flow_dissector.h ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
flow_offload.h flow_offload: add control flag checking helpers 2024-04-15 10:33:14 +01:00
flow.h inet: shrink struct flowi_common 2023-11-02 09:31:02 +01:00
fou.h bpf,fou: Add bpf_skb_{set,get}_fou_encap kfuncs 2023-04-12 16:40:39 -07:00
fq_impl.h wifi: mac80211: add support for restricting netdev features per vif 2022-12-01 15:09:10 +01:00
fq.h net: fq: Remove unused typedef fq_flow_get_default_t 2023-08-08 15:58:23 -07:00
garp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
gen_stats.h
genetlink.h genetlink: remove linux/genetlink.h 2024-04-01 21:44:34 -07:00
geneve.h net: geneve: fix array of flexible structures warnings 2022-10-31 10:43:04 +00:00
gre.h ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
gro_cells.h
gro.h net: gro: fix napi_gro_cb zeroed alignment 2024-05-14 10:49:50 -07:00
gso.h net: move gso declarations and functions to their own files 2023-06-10 00:11:41 -07:00
gtp.h gtp: properly parse extension headers 2024-05-07 01:35:55 +02:00
gue.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
handshake.h net/handshake: Add helpers for parsing incoming TLS Alerts 2023-07-28 14:07:59 -07:00
hotdata.h net: move sysctl_mem_pcpu_rsv to net_hotdata 2024-04-30 18:46:52 -07:00
hwbm.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
icmp.h
ieee8021q.h net: add IEEE 802.1q specific helpers 2024-05-08 10:35:09 +01:00
ieee80211_radiotap.h wifi: radiotap: add bandwidth definition of EHT U-SIG 2023-10-12 15:14:27 +03:00
ieee802154_netdev.h mac802154: Handle association requests from peers 2023-11-20 11:43:03 +01:00
if_inet6.h ipv6: anycast: complete RCU handling of struct ifacaddr6 2024-02-26 18:40:34 -08:00
ife.h
inet6_connection_sock.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
inet6_hashtables.h net: Fix slab-out-of-bounds in inet[6]_steal_sock 2023-08-15 13:57:51 -07:00
inet_common.h net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
inet_connection_sock.h net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
inet_dscp.h ipv6: Define dscp_t and stop taking ECN bits into account in fib6-rules 2022-02-07 20:12:45 -08:00
inet_ecn.h
inet_frag.h inet: frags: eliminate kernel-doc warning 2023-07-14 20:39:29 -07:00
inet_hashtables.h tcp: Remove dead code and fields for bhash2. 2023-12-22 22:15:35 +00:00
inet_sock.h inet: Add getsockopt support for IP_ROUTER_ALERT and IPV6_ROUTER_ALERT 2024-03-06 12:37:06 +00:00
inet_timewait_sock.h tcp/dccp: do not care about families in inet_twsk_purge() 2024-04-01 21:27:58 -07:00
inetpeer.h
ioam6.h net: ioam6: multicast event 2024-02-28 11:19:41 +00:00
ip6_checksum.h net: move gro definitions to include/net/gro.h 2021-11-16 13:16:54 +00:00
ip6_fib.h ipv6: introduce dst_rt6_info() helper 2024-04-29 13:32:01 +01:00
ip6_route.h ipv6: introduce dst_rt6_info() helper 2024-04-29 13:32:01 +01:00
ip6_tunnel.h ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
ip_fib.h inet: allow ip_valid_fib_dump_req() to be called with RTNL or RCU 2024-02-26 11:46:12 +00:00
ip_tunnels.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-04-11 14:23:47 -07:00
ip_vs.h ipvs: Correct spelling in comments 2023-04-22 01:39:41 +02:00
ip.h inet: introduce dst_rtable() helper 2024-04-30 18:32:38 -07:00
ipcomp.h xfrm: ipcomp: add extack to ipcomp{4,6}_init_state 2022-09-29 07:18:00 +02:00
ipconfig.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
ipv6_frag.h net: dropreason: add SKB_DROP_REASON_FRAG_REASM_TIMEOUT 2022-10-31 20:14:27 -07:00
ipv6_stubs.h ipsec-next-2023-10-28 2023-10-30 14:36:57 -07:00
ipv6.h ipv6: annotate data-races around cnf.forwarding 2024-03-01 08:42:31 +00:00
iw_handler.h wifi: wext: Remove unused declaration dev_get_wireless_info() 2023-08-22 21:40:40 +02:00
kcm.h kcm: Send multiple frags in one sendmsg() 2023-06-12 21:13:23 -07:00
l3mdev.h
lag.h
lapb.h
lib80211.h
llc_c_ac.h net: llc: Remove unused function declarations 2023-08-04 15:33:17 -07:00
llc_c_ev.h net: llc: Remove unused function declarations 2023-08-04 15:33:17 -07:00
llc_c_st.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
llc_conn.h llc: Check netns in llc_estab_match() and llc_listener_match(). 2023-07-20 10:46:28 +02:00
llc_if.h
llc_pdu.h llc: Drop support for ETH_P_TR_802_2. 2024-01-19 21:30:09 -08:00
llc_s_ac.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
llc_s_ev.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
llc_s_st.h add missing includes and forward declarations to networking includes under linux/ 2022-07-28 11:29:36 +02:00
llc_sap.h
llc.h
lwtunnel.h lwt: Check LWTUNNEL_XMIT_CONTINUE strictly 2023-08-18 16:05:26 +02:00
mac80211.h wifi: mac80211: handle color change per link 2024-05-03 10:18:19 +02:00
mac802154.h mac802154: Drop IEEE802154_HW_RX_DROP_BAD_CKSUM 2022-10-12 12:57:19 +02:00
macsec.h macsec: Enable devices to advertise whether they update sk_buff md_dst during offloads 2024-04-25 08:20:54 -07:00
mctp.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-02-29 14:24:56 -08:00
mctpdevice.h
mip6.h
mld.h
mpls_iptunnel.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
mpls.h
mptcp.h mptcp: add net.mptcp.available_schedulers 2024-05-13 18:29:23 -07:00
mrp.h mrp: introduce active flags to prevent UAF when applicant uninit 2022-11-18 12:14:55 +00:00
ncsi.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
ndisc.h ndisc: Remove unused ndisc_ifinfo_sysctl_strategy() declaration 2023-08-07 08:53:55 +01:00
neighbour.h neighbour: Fix __randomize_layout crash in struct neighbour 2023-11-28 12:18:29 +01:00
net_debug.h net: add CONFIG_DEBUG_NET 2022-05-11 12:43:10 +01:00
net_failover.h
net_namespace.h net: add exit_batch_rtnl() method 2024-02-07 18:55:10 -08:00
net_ratelimit.h
net_trackers.h net: add networking namespace refcount tracker 2021-12-10 06:38:26 -08:00
netdev_queues.h netdev: Add queue stats for TX stop and wake 2024-05-13 14:58:36 -07:00
netdev_rx_queue.h net: Add queue and napi association 2023-12-04 18:04:05 -08:00
netevent.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
netkit.h bpf, netkit: Add indirect call wrapper for fetching peer dev 2023-11-20 10:15:16 -08:00
netlabel.h The usual shower of singleton fixes and minor series all over MM, 2024-05-19 09:21:03 -07:00
netlink.h The usual shower of singleton fixes and minor series all over MM, 2024-05-19 09:21:03 -07:00
netmem.h net: introduce abstraction for network memory 2024-02-20 09:22:58 +01:00
netprio_cgroup.h
netrom.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
nexthop.h net: add two more call_rcu_hurry() 2024-04-25 15:24:23 -07:00
nl802154.h ieee802154: Give the user the association list 2023-11-20 11:43:45 +01:00
nsh.h net: NSH: fix kernel-doc notation warning 2023-07-14 20:39:29 -07:00
p8022.h net: 802: Remove unused function declarations 2023-08-04 15:33:50 -07:00
pfcp.h pfcp: always set pfcp metadata 2024-04-01 10:49:28 +01:00
pie.h pie: fix kernel-doc notation warning 2023-07-14 20:39:30 -07:00
ping.h net/ipv4: ping_group_range: allow GID from 2147483648 to 4294967294 2023-06-02 09:55:22 +01:00
pkt_cls.h net: sched: make skip_sw actually skip software 2024-03-29 09:46:39 +00:00
pkt_sched.h net/sched: Add helper macros with module names 2024-02-02 10:57:55 -08:00
pptp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
proto_memory.h net: move sysctl_mem_pcpu_rsv to net_hotdata 2024-04-30 18:46:52 -07:00
protocol.h ipv6: move tcp_ipv6_hash_secret and udp_ipv6_hash_secret to net_hotdata 2024-03-07 21:12:43 -08:00
psample.h
psnap.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
raw.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-04-06 12:01:20 -07:00
rawv6.h ipv6: raw: constify raw_v6_match() socket argument 2023-03-17 08:56:37 +00:00
red.h net_sched: sch_choke: implement lockless choke_dump() 2024-04-19 11:34:07 +01:00
regulatory.h wifi: cfg80211: save power spectral density(psd) of regulatory rule 2023-09-18 09:44:05 +02:00
request_sock.h tcp: reduce accepted window in NEW_SYN_RECV state 2024-05-27 16:47:23 -07:00
rose.h net: rose: add netdev ref tracker to 'struct rose_sock' 2022-08-01 11:59:23 -07:00
route.h inet: introduce dst_rtable() helper 2024-04-30 18:32:38 -07:00
rpl.h ipv6: rpl: Remove pskb(_may)?_pull() in ipv6_rpl_srh_rcv(). 2023-06-19 11:32:58 -07:00
rps.h net: rps: add rps_input_queue_head_add() helper 2024-04-01 11:28:32 +01:00
rsi_91x.h rsi: remove kernel-doc comment marker 2023-07-14 20:39:30 -07:00
rstreason.h tcp: rstreason: fully support in tcp_check_req() 2024-05-13 17:33:57 -07:00
rtnetlink.h rtnetlink: add RTNL_FLAG_DUMP_UNLOCKED flag 2024-02-26 11:46:12 +00:00
rtnh.h
sch_generic.h net/sched: fix false lockdep warning on qdisc root lock 2024-04-26 10:46:41 +02:00
scm.h af_unix: Add dead flag to struct scm_fp_list. 2024-05-10 18:52:45 -07:00
secure_seq.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
seg6_hmac.h
seg6_local.h
seg6.h udp6: Use Segment Routing Header for dest address if present 2022-01-04 12:17:35 +00:00
selftests.h
slhc_vj.h
smc.h net/smc: add operations to merge sndbuf with peer DMB 2024-04-30 13:24:48 +02:00
snmp.h
sock_reuseport.h soreuseport: Fix socket selection for SO_INCOMING_CPU. 2022-10-25 11:35:16 +02:00
sock.h net: pass back whether socket was empty post accept 2024-05-13 18:19:20 -06:00
Space.h net: appletalk: remove cops support 2023-10-04 11:49:20 -07:00
stp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
strparser.h tls: rx: remove the message decrypted tracking 2022-07-18 11:24:10 +01:00
switchdev.h net: bridge: switchdev: Skip MDB replays of deferred events on offload 2024-02-16 09:36:37 +00:00
tc_wrapper.h Merge branch 'x86/bugs' into x86/core, to pick up pending changes before dependent patches 2024-02-14 10:49:37 +01:00
tcp_ao.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-01-04 18:06:46 -08:00
tcp_states.h tcp: Dump bound-only sockets in inet_diag. 2023-12-04 14:45:26 -08:00
tcp.h bpf-next-for-netdev 2024-05-13 16:41:10 -07:00
tcx.h mm: change inlined allocation helpers to account at the call site 2024-04-25 20:55:59 -07:00
timewait_sock.h tcp: get rid of twsk_unique() 2024-05-09 20:25:55 -07:00
tipc.h
tls_prot.h net/tls: Add TLS Alert definitions 2023-07-28 14:07:59 -07:00
tls_toe.h
tls.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-04-25 12:41:37 -07:00
transp_v6.h inet6: Remove unused function declaration udpv6_connect() 2023-08-01 15:06:27 -07:00
tso.h net: tso: inline tso_count_descs() 2022-12-12 15:04:39 -08:00
tun_proto.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
udp_tunnel.h ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
udp.h new helper: copy_to_iter_full() 2024-04-07 02:42:36 -04:00
udplite.h udplite: fix various data-races 2023-09-14 16:16:36 +02:00
vsock_addr.h
vxlan.h vxlan: add support for flowlabel inherit 2023-11-16 22:33:31 +00:00
wext.h
x25.h x25: preserve const qualifier in [a]x25_sk() 2023-03-18 12:23:34 +00:00
x25device.h
xdp_priv.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
xdp_sock_drv.h xsk: use generic DMA sync shortcut instead of a custom one 2024-05-08 08:51:20 +02:00
xdp_sock.h xsk: Don't assume metadata is always requested in TX completion 2024-03-19 13:47:29 +01:00
xdp.h net, xdp: Correct grammar 2023-12-14 16:38:59 +01:00
xfrm.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-05-09 10:01:01 -07:00
xsk_buff_pool.h xsk: use generic DMA sync shortcut instead of a custom one 2024-05-08 08:51:20 +02:00