evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/net/sctp
History
Eric Dumazet 993e400581 inet: stop leaking jiffies on the wire 
[ Upstream commit a904a0693c189691eeee64f6c6b188bd7dc244e9 ]

Historically linux tried to stick to RFC 791, 1122, 2003
for IPv4 ID field generation.

RFC 6864 made clear that no matter how hard we try,
we can not ensure unicity of IP ID within maximum
lifetime for all datagrams with a given source
address/destination address/protocol tuple.

Linux uses a per socket inet generator (inet_id), initialized
at connection startup with a XOR of 'jiffies' and other
fields that appear clear on the wire.

Thiemo Nagel pointed that this strategy is a privacy
concern as this provides 16 bits of entropy to fingerprint
devices.

Let's switch to a random starting point, this is just as
good as far as RFC 6864 is concerned and does not leak
anything critical.

Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Thiemo Nagel <tnagel@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-11-10 11:21:13 +01:00
..
associola.c sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer 2018-12-01 09:46:33 +01:00
auth.c sctp: translate host order to network order when setting a hmacid 2015-11-15 18:27:27 -05:00
bind_addr.c sctp: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
chunk.c switch sctp_user_addto_chunk() and sctp_datamsg_from_user() to passing iov_iter 2014-11-24 05:16:40 -05:00
debug.c net: sctp: fix array overrun read on sctp_timer_tbl 2017-12-09 18:42:42 +01:00
endpointola.c sctp: change to hold sk after auth shkey is created successfully 2019-07-10 09:56:36 +02:00
input.c sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect 2017-11-18 11:11:05 +01:00
inqueue.c sctp: fix the issue that the cookie-ack with auth can't get processed 2018-05-26 08:48:48 +02:00
ipv6.c sctp: fix the issue that flags are ignored when using kernel_connect 2019-11-06 12:09:25 +01:00
Kconfig net: sctp: get rid of SCTP_DBG_TSNS entirely 2013-07-02 00:08:03 -07:00
Makefile net: sctp: Inline the functions from command.c 2014-07-08 14:38:48 -07:00
objcnt.c sctp: fix checkpatch errors with (foo*)|foo * bar|foo* bar 2013-12-26 13:47:47 -05:00
output.c sctp: Fix race between OOTB responce and route removal 2015-06-29 09:28:42 -07:00
outqueue.c sctp: start t5 timer only when peer rwnd is 0 and local state is SHUTDOWN_PENDING 2015-12-06 22:31:51 -05:00
primitive.c sctp: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
probe.c sctp: loading sctp when load sctp_probe 2013-12-16 20:04:27 -05:00
proc.c sctp: replace seq_printf with seq_puts 2014-10-30 19:40:16 -04:00
protocol.c sctp: fix the issue that flags are ignored when using kernel_connect 2019-11-06 12:09:25 +01:00
sm_make_chunk.c fixup: sctp: verify size of a new chunk in _sctp_make_chunk() 2018-03-18 11:17:54 +01:00
sm_sideeffect.c sctp: use transport pf_retrans in sctp_do_8_2_transport_strike 2019-09-21 07:12:40 +02:00
sm_statefuns.c sctp: delay the authentication for the duplicated cookie-echo chunk 2018-05-26 08:48:49 +02:00
sm_statetable.c sctp: fix checkpatch errors with indent 2013-12-26 13:47:48 -05:00
socket.c inet: stop leaking jiffies on the wire 2019-11-10 11:21:13 +01:00
ssnmap.c sctp: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
sysctl.c net: sctp: prevent writes to cookie_hmac_alg from accessing invalid memory 2016-01-31 11:28:59 -08:00
transport.c remove abs64() 2015-11-09 15:11:24 -08:00
tsnmap.c sctp: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
ulpevent.c sctp: Fixup v4mapped behaviour to comply with Sock API 2014-07-31 21:49:06 -07:00
ulpqueue.c net: introduce SO_INCOMING_CPU 2014-11-11 13:00:06 -05:00