Description: sfc: potential remote denial of service through TCP MSS option
References:
 http://www.spinics.net/lists/netdev/msg206292.html
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3412
Notes:
 bwh> Critical changes are commit 30b678d844af3305cda5953467005cebb5d7b687
 bwh> and 7e6d06f0de3f74ca929441add094518ae332257c.  The following commit
 bwh> 7e6d06f0de3f74ca929441add094518ae332257c reduces the performance hit
 bwh> for sfc in the extreme case that causes DoS, but it's higher risk and
 bwh> I'm not aware of any customer hitting this.  There is an alternate
 bwh> fix available that only touches the sfc driver, but with a greater
 bwh> performance hit again.
Bugs:
upstream: released (3.6-rc2) [30b678d844af3305cda5953467005cebb5d7b687, 7e6d06f0de3f74ca929441add094518ae332257c, 7e6d06f0de3f74ca929441add094518ae332257c]
2.6.32-upstream-stable: ignored
sid: released (3.2.29-1) [bugfix/all/net-allow-driver-to-limit-number-of-gso-segments-per-skb.patch, bugfix/all/sfc-fix-maximum-number-of-tso-segments-and-minimum-tx-queue-size.patch, bugfix/all/tcp-apply-device-tso-segment-limit-earlier.patch]
2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/sfc-Fix-maximum-number-of-TSO-segments-and-minimum-T.patch]
3.2-wheezy-security: released (3.2.29-1)
3.2-upstream-stable: released (3.2.30) [net-allow-driver-to-limit-number-of-gso-segments-per-skb.patch, sfc-fix-maximum-number-of-tso-segments-and-minimum-tx-queue-size.patch, tcp-apply-device-tso-segment-limit-earlier.patch]