mirror
/
linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
linux/include/net/netns
History
Eric Dumazet 79e3602caa tcp: make global challenge ack rate limitation per net-ns and default disabled 
Because per host rate limiting has been proven problematic (side channel
attacks can be based on it), per host rate limiting of challenge acks ideally
should be per netns and turned off by default.

This is a long due followup of following commits:

083ae30828 ("tcp: enable per-socket rate limiting of all 'challenge acks'")
f2b2c582e8 ("tcp: mitigate ACK loops for connections as tcp_sock")
75ff39ccc1 ("tcp: make challenge acks less predictable")

Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Jason Baron <jbaron@akamai.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
 		2022-08-31 19:56:48 -07:00
..
bpf.h bpf: Invert the dependency between bpf-netns.h and netns/bpf.h 2021-12-29 20:03:05 -08:00
can.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
conntrack.h netfilter: nfnetlink: re-enable conntrack expectation events 2022-08-11 18:09:54 +02:00
core.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
flow_table.h netfilter: nf_flow_table: count pending offload workqueue tasks 2022-07-11 16:25:14 +02:00
generic.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
hash.h
ieee802154_6lowpan.h
ipv4.h tcp: make global challenge ack rate limitation per net-ns and default disabled 2022-08-31 19:56:48 -07:00
ipv6.h ipv6: make ip6_rt_gc_expire an atomic_t 2022-04-15 14:28:50 -07:00
mctp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
mib.h
mpls.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
netfilter.h
nexthop.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
nftables.h
packet.h
sctp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
smc.h net/smc: Introduce a sysctl for setting SMC-R buffer type 2022-07-18 11:19:17 +01:00
unix.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
xdp.h
xfrm.h xfrm: rework default policy structure 2022-03-18 07:23:12 +01:00