linux/drivers/crypto
Eric Dumazet a904a0693c inet: stop leaking jiffies on the wire
Historically Linux tried to stick to RFC 791, 1122, 2003
for IPv4 ID field generation.

RFC 6864 made clear that no matter how hard we try,
we can not ensure unicity of IP ID within maximum
lifetime for all datagrams with a given source
address/destination address/protocol tuple.

Linux uses a per socket inet generator (inet_id), initialized
at connection startup with an XOR of 'jiffies' and other
fields that appear clear on the wire.

Thiemo Nagel pointed out that this strategy is a privacy
concern as this provides 16 bits of entropy to fingerprint
devices.

Let's switch to a random starting point, this is just as
good as far as RFC 6864 is concerned and does not leak
anything critical.

Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Thiemo Nagel <tnagel@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-11-01 14:57:52 -07:00
amcc crypto: amcc - switch to AES library for GCM key derivation 2019-07-26 14:58:12 +10:00
axis crypto: artpec6 - use devm_platform_ioremap_resource() to simplify code 2019-08-09 15:11:58 +10:00
bcm crypto: bcm/des - switch to new verification routines 2019-08-22 14:39:38 +10:00
caam crypto: caam - Cast to long first before pointer conversion 2019-09-13 21:20:47 +10:00
cavium crypto: cavium/zip - Add missing single_release() 2019-09-09 23:48:41 +10:00
ccp Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-09-18 12:11:14 -07:00
ccree crypto: ccree - enable CTS support in AES-XTS 2019-09-13 21:17:58 +10:00
chelsio inet: stop leaking jiffies on the wire 2019-11-01 14:57:52 -07:00
hisilicon crypto: hisilicon - avoid unused function warning 2019-09-20 23:05:33 +10:00
inside-secure crypto: inside-secure - Fix unused variable warning when CONFIG_PCI=n 2019-09-20 22:53:09 +10:00
marvell crypto: marvell - Use kzfree rather than its implementation 2019-09-09 23:48:40 +10:00
mediatek crypto: mediatek - fix incorrect crypto key setting 2019-09-05 14:36:54 +10:00
nx crypto: nx - remove unused variables 'nx_driver_string' and 'nx_driver_version' 2019-08-30 18:05:31 +10:00
qat crypto: qat - Silence smp_processor_id() warning 2019-08-02 14:44:00 +10:00
qce crypto: qce/des - switch to new verification routines 2019-08-22 14:57:32 +10:00
rockchip crypto: rk3288/des - switch to new verification routines 2019-08-22 14:57:32 +10:00
stm32 crypto: des - split off DES library from generic DES cipher driver 2019-08-22 14:57:33 +10:00
sunxi-ss crypto: sun4i/des - switch to new verification routines 2019-08-22 14:57:32 +10:00
ux500 crypto: ux500 - Fix COMPILE_TEST warnings 2019-09-09 23:48:41 +10:00
virtio crypto: drivers - Use kmemdup rather than duplicating its implementation 2019-07-26 15:03:59 +10:00
vmx crypto: vmx/xts - use fallback for ciphertext stealing 2019-08-22 14:57:34 +10:00
atmel-aes-regs.h
atmel-aes.c crypto: drivers - Remove dev_err() usage after platform_get_irq() 2019-08-09 15:11:38 +10:00
atmel-authenc.h crypto: atmel - switch to SPDX license identifiers 2018-09-04 11:37:04 +08:00
atmel-ecc.c crypto: atmel-ecc - factor out code that can be shared 2019-05-30 15:35:45 +08:00
atmel-i2c.c crypto: atmel - Fix -Wunused-const-variable warning 2019-08-30 18:05:31 +10:00
atmel-i2c.h crypto: atmel - Fix -Wunused-const-variable warning 2019-08-30 18:05:31 +10:00
atmel-sha204a.c crypto: atmel-sha204a - Use device-managed registration API 2019-08-02 14:43:59 +10:00
atmel-sha-regs.h
atmel-sha.c crypto: drivers - Remove dev_err() usage after platform_get_irq() 2019-08-09 15:11:38 +10:00
atmel-tdes-regs.h
atmel-tdes.c crypto: atmel/des - switch to new verification routines 2019-08-22 14:39:38 +10:00
exynos-rng.c crypto: exynos - use devm_platform_ioremap_resource() to simplify code 2019-08-09 15:11:59 +10:00
geode-aes.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
geode-aes.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
hifn_795x.c crypto: hifn/des - switch to new verification routines 2019-08-22 14:39:40 +10:00
img-hash.c crypto: img-hash - use devm_platform_ioremap_resource() to simplify code 2019-08-09 15:11:59 +10:00
ixp4xx_crypto.c crypto: ixp4xx/des - switch to new verification routines 2019-08-22 14:57:31 +10:00
Kconfig Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-09-18 12:11:14 -07:00
Makefile crypto: atmel-i2c - add support for SHA204A random number generator 2019-05-30 15:35:45 +08:00
mxs-dcp.c crypto: drivers - Remove dev_err() usage after platform_get_irq() 2019-08-09 15:11:38 +10:00
n2_asm.S
n2_core.c crypto: n2 - Rename arrays to avoid conflict with crypto/sha256.h 2019-09-05 14:54:54 +10:00
n2_core.h
omap-aes-gcm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
omap-aes.c crypto: drivers - Remove dev_err() usage after platform_get_irq() 2019-08-09 15:11:38 +10:00
omap-aes.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
omap-crypto.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
omap-crypto.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
omap-des.c crypto: omap/des - switch to new verification routines 2019-08-22 14:57:31 +10:00
omap-sham.c crypto: drivers - Remove dev_err() usage after platform_get_irq() 2019-08-09 15:11:38 +10:00
padlock-aes.c crypto: padlock/aes - switch to library version of key expansion routine 2019-07-26 14:56:02 +10:00
padlock-sha.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
picoxcell_crypto_regs.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
picoxcell_crypto.c crypto: picoxcell/des - switch to new verification routines 2019-08-22 14:57:31 +10:00
qcom-rng.c crypto: qcom-rng - use devm_platform_ioremap_resource() to simplify code 2019-08-09 15:12:03 +10:00
s5p-sss.c crypto: s5p - use correct block size of 1 for ctr(aes) 2019-08-30 18:05:28 +10:00
sahara.c crypto: drivers - Remove dev_err() usage after platform_get_irq() 2019-08-09 15:11:38 +10:00
talitos.c crypto: talitos - fix missing break in switch statement 2019-09-20 22:53:08 +10:00
talitos.h crypto: talitos - drop icv_ool 2019-07-03 22:13:11 +08:00