Source-Changes-HG archive
[src/netbsd-8]: src/sys/netinet Pull up following revision(s) (requested by c...
details: https://anonhg.NetBSD.org/src/rev/a876a547f5b6
branches: netbsd-8
changeset: 953463:a876a547f5b6
user: martin <martin%NetBSD.org@localhost>
date: Tue Mar 09 15:56:51 2021 +0000
description:
Pull up following revision(s) (requested by christos in ticket #1662):
sys/netinet/tcp_subr.c: revision 1.286
sys/netinet/tcp_timer.c: revision 1.96
sys/netinet/in_var.h: revision 1.102
sys/netinet/in_var.h: revision 1.99
Don't increment the iss sequence on each connection because it exposes
information (Amit Klein)
Add some randomness to the iss offset
Use a random IPv4 ID because the shuffling algorithm used before could expose
information (Amit Klein)
mv <sys/cprng.h> include to the kernel portion
diffstat:
sys/netinet/in_var.h | 6 ++++--
sys/netinet/tcp_subr.c | 6 ++----
sys/netinet/tcp_timer.c | 7 ++++---
3 files changed, 10 insertions(+), 9 deletions(-)
diffs (96 lines):
diff -r d8e9c4b7998a -r a876a547f5b6 sys/netinet/in_var.h
--- a/sys/netinet/in_var.h Sun Mar 07 19:14:54 2021 +0000
+++ b/sys/netinet/in_var.h Tue Mar 09 15:56:51 2021 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: in_var.h,v 1.95 2017/05/12 17:53:54 ryo Exp $ */
+/* $NetBSD: in_var.h,v 1.95.2.1 2021/03/09 15:56:51 martin Exp $ */
/*-
* Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -374,6 +374,7 @@
#ifdef _KERNEL
#include <net/pktqueue.h>
+#include <sys/cprng.h>
extern pktqueue_t *ip_pktq;
@@ -450,7 +451,8 @@
if (ip_do_randomid) {
/* XXX ignore num */
- return ip_randomid(ip_ids, ia ? ia->ia_idsalt : 0);
+ id = (uint16_t)cprng_fast32();
+ return id ? id : 1;
}
/* Never allow an IP ID of 0 (detect wrap). */
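Review bot: In the `ip_do_randomid` branch the `/* XXX ignore num */` comment is kept, but nothing records that `ip_ids` and `ia->ia_idsalt` are no longer used on this path, and the declaration of `id` is not in the visible context. Independent draws from `cprng_fast32()` can repeat an ID within a short window, so a one-line comment stating that this is the accepted tradeoff for unpredictability would help. Folding 0 to 1 with `return id ? id : 1;` makes 1 twice as likely as any other value, which is harmless but worth saying in the same comment.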
diff -r d8e9c4b7998a -r a876a547f5b6 sys/netinet/tcp_subr.c
--- a/sys/netinet/tcp_subr.c Sun Mar 07 19:14:54 2021 +0000
+++ b/sys/netinet/tcp_subr.c Tue Mar 09 15:56:51 2021 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_subr.c,v 1.270.6.2 2021/03/07 19:13:24 martin Exp $ */
+/* $NetBSD: tcp_subr.c,v 1.270.6.3 2021/03/09 15:56:51 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_subr.c,v 1.270.6.2 2021/03/07 19:13:24 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_subr.c,v 1.270.6.3 2021/03/09 15:56:51 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -2301,7 +2301,6 @@
* XXX Use `addin'?
* XXX TCP_ISSINCR too large to use?
*/
- tcp_iss_seq += TCP_ISSINCR;
#ifdef TCPISS_DEBUG
printf("ISS hash 0x%08x, ", tcp_iss);
#endif
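Review bot: With `tcp_iss_seq += TCP_ISSINCR;` gone, the `XXX TCP_ISSINCR too large to use?` remark directly above no longer refers to any statement in this branch. Drop it, or reword it to say that the offset is now advanced from the timer in tcp_timer.c rather than per connection.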
@@ -2337,7 +2336,6 @@
} else {
tcp_iss &= TCP_ISS_RANDOM_MASK;
tcp_iss += tcp_iss_seq;
- tcp_iss_seq += TCP_ISSINCR;
#ifdef TCPISS_DEBUG
printf("ISS %08x\n", tcp_iss);
#endif
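Review bot: In the `else` branch, `tcp_iss += tcp_iss_seq;` now reads a value that this code path no longer changes, so connections set up between two timer updates share the same `tcp_iss_seq` and differ only in the bits kept by `TCP_ISS_RANDOM_MASK`. A comment stating that, and pointing at the timer update in tcp_timer.c, would make the intended spacing of ISS values clear to the next reader.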
diff -r d8e9c4b7998a -r a876a547f5b6 sys/netinet/tcp_timer.c
--- a/sys/netinet/tcp_timer.c Sun Mar 07 19:14:54 2021 +0000
+++ b/sys/netinet/tcp_timer.c Tue Mar 09 15:56:51 2021 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_timer.c,v 1.91.8.1 2018/02/03 22:07:26 snj Exp $ */
+/* $NetBSD: tcp_timer.c,v 1.91.8.2 2021/03/09 15:56:51 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -93,7 +93,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_timer.c,v 1.91.8.1 2018/02/03 22:07:26 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_timer.c,v 1.91.8.2 2021/03/09 15:56:51 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -111,6 +111,7 @@
#include <sys/kernel.h>
#include <sys/callout.h>
#include <sys/workqueue.h>
+#include <sys/cprng.h>
#include <net/if.h>
@@ -261,7 +262,7 @@
{
mutex_enter(softnet_lock);
- tcp_iss_seq += TCP_ISSINCR; /* increment iss */
+ tcp_iss_seq += TCP_ISSINCR + (TCP_ISS_RANDOM_MASK & cprng_fast32());
tcp_now++; /* for timestamps */
mutex_exit(softnet_lock);
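Review bot: The changed line drops the `/* increment iss */` comment and nothing explains the new random term. Add a comment saying that each tick advances `tcp_iss_seq` by `TCP_ISSINCR` plus up to `TCP_ISS_RANDOM_MASK`, and confirm that calling `cprng_fast32()` while `softnet_lock` is held is acceptable here.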