iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net/ipv4
History
Eric Dumazet 87c48fa3b4 ipv6: make fragment identifications less predictable 
IPv6 fragment identification generation is way beyond what we use for
IPv4 : It uses a single generator. Its not scalable and allows DOS
attacks.

Now inetpeer is IPv6 aware, we can use it to provide a more secure and
scalable frag ident generator (per destination, instead of system wide)

This patch :
1) defines a new secure_ipv6_id() helper
2) extends inet_getid() to provide 32bit results
3) extends ipv6_select_ident() with a new dest parameter

Reported-by: Fernando Gont <fernando@gont.com.ar>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-21 21:25:58 -07:00
..
netfilter
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-07-05 23:23:37 -07:00
af_inet.c
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-07-05 23:23:37 -07:00
ah4.c
inet: constify ip headers and in6_addr
2011-04-22 11:04:14 -07:00
arp.c
neigh: Pass neighbour entry to output ops.
2011-07-17 23:11:17 -07:00
cipso_ipv4.c
inet: add RCU protection to inet->opt
2011-04-28 13:16:35 -07:00
datagram.c
ipv4: Lock socket and use cork flow in ip4_datagram_connect().
2011-05-08 13:48:57 -07:00
devinet.c
rtnetlink: Compute and store minimum ifinfo dump size
2011-06-09 20:38:07 -07:00
esp4.c
inet: constify ip headers and in6_addr
2011-04-22 11:04:14 -07:00
fib_frontend.c
rtnetlink: Compute and store minimum ifinfo dump size
2011-06-09 20:38:07 -07:00
fib_lookup.h
ipv4: Fix nexthop caching wrt. scoping.
2011-03-24 18:06:47 -07:00
fib_rules.c
ipv4: Use flowi4 in FIB layer.
2011-03-12 15:08:49 -08:00
fib_semantics.c
net,rcu: convert call_rcu(fc_rport_free_rcu) to kfree_rcu()
2011-05-07 22:50:55 -07:00
fib_trie.c
ipv4: save cpu cycles from check_leaf()
2011-07-18 10:41:18 -07:00
gre.c
Remove redundant linux/version.h includes from net/
2011-06-21 16:03:17 -07:00
icmp.c
ipv4: Pass explicit destination address to rt_bind_peer().
2011-05-18 18:42:43 -04:00
igmp.c
igmp: call ip_mc_clear_src() only when we have no users of ip_mc_list
2011-05-24 13:26:12 -04:00
inet_connection_sock.c
seqlock: Get rid of SEQLOCK_UNLOCKED
2011-05-24 15:22:17 +02:00
inet_diag.c
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-06-20 22:29:08 -07:00
inet_fragment.c
net/ipv4: EXPORT_SYMBOL cleanups
2010-07-12 12:57:54 -07:00
inet_hashtables.c
inet: Fix __inet_inherit_port() to correctly increment bsockets and num_owners
2010-11-28 18:18:44 -08:00
inet_lro.c
lro: do vlan cleanup
2011-07-21 13:47:54 -07:00
inet_timewait_sock.c
tcp: fix inet_twsk_deschedule()
2011-02-19 18:59:04 -08:00
inetpeer.c
ipv6: make fragment identifications less predictable
2011-07-21 21:25:58 -07:00
ip_forward.c
ipv4: Fix 'iph' use before set.
2011-05-12 23:03:46 -04:00
ip_fragment.c
ipv4: Add ip_defrag() agent IP_DEFRAG_AF_PACKET.
2011-07-05 22:34:52 -07:00
ip_gre.c
net: Abstract dst->neighbour accesses behind helpers.
2011-07-17 23:11:35 -07:00
ip_input.c
ip: introduce ip_is_fragment helper inline function
2011-06-21 20:33:34 -07:00
ip_options.c
ip_options_compile: properly handle unaligned pointer
2011-05-31 15:11:02 -07:00
ip_output.c
net: Abstract dst->neighbour accesses behind helpers.
2011-07-17 23:11:35 -07:00
ip_sockglue.c
inet: add RCU protection to inet->opt
2011-04-28 13:16:35 -07:00
ipcomp.c
inet: constify ip headers and in6_addr
2011-04-22 11:04:14 -07:00
ipconfig.c
ipconfig: Reduce switch/case indent
2011-07-01 16:11:15 -07:00
ipip.c
net: call dev_alloc_name from register_netdevice
2011-05-05 10:57:45 -07:00
ipmr.c
rtnetlink: Compute and store minimum ifinfo dump size
2011-06-09 20:38:07 -07:00
Kconfig
ipv4: Remove fib_hash.
2011-02-01 15:35:25 -08:00
Makefile
net: ipv4: add IPPROTO_ICMP socket kind
2011-05-13 16:08:13 -04:00
netfilter.c
netfilter: Fix ip_route_me_harder triggering ip_rt_bug
2011-06-29 05:47:32 -07:00
ping.c
ipv4, ping: Remove duplicate icmp.h include
2011-06-20 13:04:38 -07:00
proc.c
tcp: Replace time wait bucket msg by counter
2010-12-08 12:16:33 -08:00
protocol.c
net: add __rcu annotations to protocol
2010-10-27 11:37:31 -07:00
raw.c
ipv4: Reduce switch/case indent
2011-07-01 16:11:16 -07:00
route.c
net: Add ->neigh_lookup() operation to dst_ops
2011-07-18 00:40:17 -07:00
syncookies.c
tcp: RFC2988bis + taking RTT sample from 3WHS for the passive open side
2011-06-08 17:05:30 -07:00
sysctl_net_ipv4.c
inetpeer: remove unused list
2011-06-08 17:05:30 -07:00
tcp_bic.c
tcp: mark tcp_congestion_ops read_mostly
2011-03-10 00:40:17 -08:00
tcp_cong.c
net/ipv4: Eliminate kstrdup memory leak
2010-08-27 19:31:56 -07:00
tcp_cubic.c
tcp_cubic: limit delayed_ack ratio to prevent divide error
2011-05-08 15:51:57 -07:00
tcp_diag.c
tcp: diag: Dont report negative values for rx queue
2009-12-03 16:06:13 -08:00
tcp_highspeed.c
tcp: mark tcp_congestion_ops read_mostly
2011-03-10 00:40:17 -08:00
tcp_htcp.c
tcp: mark tcp_congestion_ops read_mostly
2011-03-10 00:40:17 -08:00
tcp_hybla.c
tcp: mark tcp_congestion_ops read_mostly
2011-03-10 00:40:17 -08:00
tcp_illinois.c
tcp: mark tcp_congestion_ops read_mostly
2011-03-10 00:40:17 -08:00
tcp_input.c
tcp: RFC2988bis + taking RTT sample from 3WHS for the passive open side
2011-06-08 17:05:30 -07:00
tcp_ipv4.c
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-06-20 22:29:08 -07:00
tcp_lp.c
Fix common misspellings
2011-03-31 11:26:23 -03:00
tcp_minisocks.c
tcp: RFC2988bis + taking RTT sample from 3WHS for the passive open side
2011-06-08 17:05:30 -07:00
tcp_output.c
inet: Pass flowi to ->queue_xmit().
2011-05-08 15:28:28 -07:00
tcp_probe.c
net: ipv4: tcp_probe: cleanup snprintf() use
2010-11-17 12:27:46 -08:00
tcp_scalable.c
tcp: mark tcp_congestion_ops read_mostly
2011-03-10 00:40:17 -08:00
tcp_timer.c
tcp: Remove debug macro of TCP_CHECK_TIMER
2011-02-20 11:10:14 -08:00
tcp_vegas.c
tcp: mark tcp_congestion_ops read_mostly
2011-03-10 00:40:17 -08:00
tcp_vegas.h
tcp_veno.c
tcp: mark tcp_congestion_ops read_mostly
2011-03-10 00:40:17 -08:00
tcp_westwood.c
tcp: mark tcp_congestion_ops read_mostly
2011-03-10 00:40:17 -08:00
tcp_yeah.c
Fix common misspellings
2011-03-31 11:26:23 -03:00
tcp.c
net: refine {udp|tcp|sctp}_mem limits
2011-07-07 00:27:05 -07:00
tunnel4.c
tunnels: add __rcu annotations
2010-10-27 11:37:32 -07:00
udp_impl.h
net: Make setsockopt() optlen be unsigned.
2009-09-30 16:12:20 -07:00
udp.c
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-07-14 07:56:40 -07:00
udplite.c
net: fix nulls list corruptions in sk_prot_alloc
2010-12-16 14:26:56 -08:00
xfrm4_input.c
net/ipv4: EXPORT_SYMBOL cleanups
2010-07-12 12:57:54 -07:00
xfrm4_mode_beet.c
ipsec: Interfamily IPSec BEET
2008-08-06 02:39:30 -07:00
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
ipv4: Don't pre-seed hoplimit metric.
2010-12-12 22:08:17 -08:00
xfrm4_output.c
xfrm4: Don't call icmp_send on local error
2011-07-01 17:33:19 -07:00
xfrm4_policy.c
ip: introduce ip_is_fragment helper inline function
2011-06-21 20:33:34 -07:00
xfrm4_state.c
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-3.6
2011-05-11 14:26:58 -04:00
xfrm4_tunnel.c
net: struct xfrm_tunnel in read_mostly section
2010-08-30 13:50:45 -07:00