korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-27 22:24:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
9a5213593c
linux/include/net/netns
History
Eric Dumazet 79e3602caa tcp: make global challenge ack rate limitation per net-ns and default disabled 
Because per host rate limiting has been proven problematic (side channel
attacks can be based on it), per host rate limiting of challenge acks ideally
should be per netns and turned off by default.

This is a long due followup of following commits:

083ae30828 ("tcp: enable per-socket rate limiting of all 'challenge acks'")
f2b2c582e8 ("tcp: mitigate ACK loops for connections as tcp_sock")
75ff39ccc1 ("tcp: make challenge acks less predictable")

Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Jason Baron <jbaron@akamai.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-08-31 19:56:48 -07:00
..
bpf.h bpf: Invert the dependency between bpf-netns.h and netns/bpf.h 2021-12-29 20:03:05 -08:00
can.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
conntrack.h netfilter: nfnetlink: re-enable conntrack expectation events 2022-08-11 18:09:54 +02:00
core.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
flow_table.h netfilter: nf_flow_table: count pending offload workqueue tasks 2022-07-11 16:25:14 +02:00
generic.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
hash.h netns: provide pure entropy for net_hash_mix() 2019-03-28 17:00:45 -07:00
ieee802154_6lowpan.h net: dynamically allocate fqdir structures 2019-05-26 14:08:05 -07:00
ipv4.h tcp: make global challenge ack rate limitation per net-ns and default disabled 2022-08-31 19:56:48 -07:00
ipv6.h ipv6: make ip6_rt_gc_expire an atomic_t 2022-04-15 14:28:50 -07:00
mctp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
mib.h net: reorganize fields in netns_mib 2021-04-02 14:31:44 -07:00
mpls.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
netfilter.h netfilter: conntrack: fix boot failure with nf_conntrack.enable_hooks=1 2021-09-28 13:04:55 +02:00
nexthop.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
nftables.h net: remove obsolete members from struct net 2021-04-06 00:34:53 +02:00
packet.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sctp.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
smc.h net/smc: Introduce a sysctl for setting SMC-R buffer type 2022-07-18 11:19:17 +01:00
unix.h net: add missing includes and forward declarations under net/ 2022-07-22 12:53:22 +01:00
xdp.h net: xsk: track AF_XDP sockets on a per-netns list 2019-01-25 01:50:03 +01:00
xfrm.h xfrm: rework default policy structure 2022-03-18 07:23:12 +01:00