linux-stable/net
Eric Dumazet a904a0693c inet: stop leaking jiffies on the wire
Historically linux tried to stick to RFC 791, 1122, 2003
for IPv4 ID field generation.

RFC 6864 made clear that no matter how hard we try,
we can not ensure unicity of IP ID within maximum
lifetime for all datagrams with a given source
address/destination address/protocol tuple.

Linux uses a per socket inet generator (inet_id), initialized
at connection startup with an XOR of 'jiffies' and other
fields that appear clear on the wire.

Thiemo Nagel pointed out that this strategy is a privacy
concern as this provides 16 bits of entropy to fingerprint
devices.

Let's switch to a random starting point, this is just as
good as far as RFC 6864 is concerned and does not leak
anything critical.

Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Thiemo Nagel <tnagel@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-11-01 14:57:52 -07:00
6lowpan
9p 9p pull request for inclusion in 5.4 2019-09-27 15:10:34 -07:00
802
8021q net: remove unnecessary variables and callback 2019-10-24 14:53:49 -07:00
appletalk appletalk: enforce CAP_NET_RAW for raw sockets 2019-09-24 16:37:18 +02:00
atm net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
ax25 ax25: enforce CAP_NET_RAW for raw sockets 2019-09-24 16:37:18 +02:00
batman-adv Here are two batman-adv bugfixes: 2019-10-28 16:39:07 -07:00
bluetooth net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
bpf bpf/flow_dissector: support flags in BPF_PROG_TEST_RUN 2019-07-25 18:00:41 -07:00
bpfilter Kbuild updates for v5.3 2019-07-12 16:03:16 -07:00
bridge net: core: add generic lockdep keys 2019-10-24 14:53:48 -07:00
caif net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
can can: add support of SAE J1939 protocol 2019-09-04 14:22:33 +02:00
ceph libceph: use ceph_kvmalloc() for osdmap arrays 2019-09-16 12:06:25 +02:00
core net: annotate accesses to sk->sk_incoming_cpu 2019-10-30 13:24:25 -07:00
dcb
dccp inet: stop leaking jiffies on the wire 2019-11-01 14:57:52 -07:00
decnet net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
dns_resolver Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
dsa net: core: add generic lockdep keys 2019-10-24 14:53:48 -07:00
ethernet
hsr hsr: switch ->dellink() to ->ndo_uninit() 2019-07-11 14:37:45 -07:00
ieee802154 net: core: add generic lockdep keys 2019-10-24 14:53:48 -07:00
ife net: Fix Kconfig indentation 2019-09-26 08:56:17 +02:00
ipv4 inet: stop leaking jiffies on the wire 2019-11-01 14:57:52 -07:00
ipv6 net: annotate accesses to sk->sk_incoming_cpu 2019-10-30 13:24:25 -07:00
iucv net/af_iucv: mark expected switch fall-throughs 2019-07-29 10:26:14 -07:00
kcm kcm: disable preemption in kcm_parse_func_strparser() 2019-09-27 10:27:14 +02:00
key
l2tp net: core: add generic lockdep keys 2019-10-24 14:53:48 -07:00
l3mdev
lapb
llc net: silence KCSAN warnings around sk_add_backlog() calls 2019-10-09 21:42:59 -07:00
mac80211 mac80211: fix scan when operating on DFS channels in ETSI domains 2019-10-07 22:10:50 +02:00
mac802154
mpls ipv4: mpls: fix mpls_xmit for iptunnel 2019-08-25 14:34:08 -07:00
ncsi net/ncsi: Disable global multicast filter 2019-09-19 18:04:40 -07:00
netfilter Merge tag 'ipvs-fixes-for-v5.4' of https://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs 2019-10-26 12:42:45 +02:00
netlabel netlabel: remove redundant assignment to pointer iter 2019-09-01 11:45:02 -07:00
netlink
netrom net: core: add generic lockdep keys 2019-10-24 14:53:48 -07:00
nfc net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
nsh
openvswitch netns: fix GFP flags in rtnl_net_notifyid() 2019-10-25 20:14:42 -07:00
packet netfilter: drop bridge nf reset from nf_reset 2019-10-01 18:42:15 +02:00
phonet net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
psample net: sched: take reference to psample group in flow_action infra 2019-09-16 09:18:03 +02:00
qrtr net: qrtr: Stop rx_worker before freeing node 2019-09-21 18:45:46 -07:00
rds net/rds: Fix error handling in rds_ib_add_one() 2019-10-02 12:16:57 -04:00
rfkill
rose net: core: add generic lockdep keys 2019-10-24 14:53:48 -07:00
rxrpc rxrpc: Fix handling of last subpacket of jumbo packet 2019-10-31 12:23:09 -07:00
sched net: sch_generic: Use pfifo_fast as fallback scheduler for CAN hardware 2019-10-25 16:14:05 -07:00
sctp inet: stop leaking jiffies on the wire 2019-11-01 14:57:52 -07:00
smc net/smc: fix refcounting for non-blocking connect() 2019-10-29 18:09:50 -07:00
strparser
sunrpc SUNRPC: fix race to sk_err after xs_error_report 2019-10-10 16:14:28 -04:00
switchdev
tipc net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
tls net/tls: align non temporal copy to cache lines 2019-09-07 18:10:34 +02:00
unix net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
vmw_vsock net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
wimax wimax: no need to check return value of debugfs_create functions 2019-08-10 15:25:47 -07:00
wireless nl80211: fix validation of mesh path nexthop 2019-10-30 10:11:18 +01:00
x25 net: silence KCSAN warnings around sk_add_backlog() calls 2019-10-09 21:42:59 -07:00
xdp xsk: Fix registration of Rx-only sockets 2019-10-23 20:22:11 -07:00
xfrm netfilter: drop bridge nf reset from nf_reset 2019-10-01 18:42:15 +02:00
compat.c
Kconfig devlink: Add packet trap infrastructure 2019-08-17 12:40:08 -07:00
Makefile
socket.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
sysctl_net.c