The following changes fix a potential DoS by peers or local users on network interfaces using the sfc driver (and possibly others) with TSO enabled (as it is by default). Please apply patches 1 and 2 to the net tree and your stable update queue. I'm not sure whether patch 3 is really important. Ben. Ben Hutchings (3): net: Allow driver to limit number of GSO segments per skb sfc: Fix maximum number of TSO segments and minimum TX queue size tcp: Apply device TSO segment limit earlier drivers/net/ethernet/sfc/efx.c | 6 ++++++ drivers/net/ethernet/sfc/efx.h | 14 ++++++++++---- drivers/net/ethernet/sfc/ethtool.c | 16 +++++++++++----- drivers/net/ethernet/sfc/tx.c | 19 +++++++++++++++++++ include/linux/netdevice.h | 2 ++ include/net/sock.h | 2 ++ net/core/dev.c | 4 ++++ net/core/sock.c | 1 + net/ipv4/tcp.c | 4 +++- net/ipv4/tcp_cong.c | 3 ++- net/ipv4/tcp_output.c | 21 ++++++++++++--------- 11 files changed, 72 insertions(+), 20 deletions(-) -- 1.7.7.6 -- Ben Hutchings, Staff Engineer, Solarflare Not speaking for my employer; that's the marketing department's job. They asked us to note that Solarflare product names are trademarked. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html