A peer (or local user) may cause TCP to use a nominal MSS of as little as 88 (actual MSS of 76 with timestamps). Given that we have a sufficiently prodigious local sender and the peer ACKs quickly enough, it is nevertheless possible to grow the window for such a connection to the point that we will try to send just under 64K at once. This results in a single skb that expands to 861 segments. In some drivers with TSO support, such an skb will require hundreds of DMA descriptors; a substantial fraction of a TX ring or even more than a full ring. The TX queue selected for the skb may stall and trigger the TX watchdog repeatedly (since the problem skb will be retried after the TX reset). Upstream patch: http://www.spinics.net/lists/netdev/msg206332.html References: http://seclists.org/oss-sec/2012/q3/171 Reproducible: Always
There are no longer any 2.x or <3.2.30 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.