iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Eric Dumazet f41f6336bf tcp: resalt the secret every 10 seconds 
[ Upstream commit 4dfa9b438ee34caca4e6a4e5e961641807367f6f ]

In order to limit the ability for an observer to recognize the source
ports sequence used to contact a set of destinations, we should
periodically shuffle the secret. 10 seconds looks effective enough
without causing particular issues.

Cc: Moshe Kol <moshe.kol@mail.huji.ac.il>
Cc: Yossi Gilad <yossi.gilad@mail.huji.ac.il>
Cc: Amit Klein <aksecurity@gmail.com>
Cc: Jason A. Donenfeld <Jason@zx2c4.com>
Tested-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-05-18 10:26:53 +02:00
..
6lowpan
6lowpan: iphc: Fix an off-by-one check of array index
2021-07-22 16:19:03 +02:00
9p
xen/9p: use alloc/free_pages_exact()
2022-03-11 12:22:36 +01:00
802
net: 802: remove dead leftover after ipx driver removal
2021-08-13 16:30:35 -07:00
8021q
net: vlan: fix underflow for the real_dev refcnt
2021-12-01 09:04:53 +01:00
appletalk
net: socket: rework compat_ifreq_ioctl()
2021-07-23 14:20:25 +01:00
atm
ax25
ax25: Fix UAF bugs in ax25 timers
2022-04-20 09:34:22 +02:00
batman-adv
batman-adv: Don't skb_split skbuffs with frag_list
2022-05-18 10:26:47 +02:00
bluetooth
Bluetooth: Fix the creation of hdev->name
2022-05-15 20:18:52 +02:00
bpf
bpf: Make remote_port field in struct bpf_sk_lookup 16-bit wide
2022-04-13 20:59:25 +02:00
bpfilter
bpfilter: Specify the log level for the kmsg message
2021-06-25 13:13:50 +02:00
bridge
net: bridge: multicast: notify switchdev driver whenever MC processing gets disabled
2022-02-23 12:03:13 +01:00
caif
net-caif: avoid user-triggerable WARN_ON(1)
2021-09-14 12:51:15 +01:00
can
can: isotp: remove re-binding of bound socket
2022-05-12 12:30:09 +02:00
ceph
Networking changes for 5.14.
2021-06-30 15:51:09 -07:00
core
tcp: resalt the secret every 10 seconds
2022-05-18 10:26:53 +02:00
dcb
net: dcb: disable softirqs in dcbnl_flush_dev()
2022-03-08 19:12:52 +01:00
dccp
tcp: switch orphan_count to bare per-cpu counters
2021-11-18 19:16:33 +01:00
decnet
net: Remove redundant if statements
2021-08-05 13:27:50 +01:00
dns_resolver
dsa
net: dsa: Add missing of_node_put() in dsa_port_link_register_of
2022-05-09 09:14:34 +02:00
ethernet
move netdev_boot_setup into Space.c
2021-08-03 13:05:26 +01:00
ethtool
ethtool: do not perform operations on net devices being unregistered
2021-12-14 10:57:09 +01:00
hsr
net: hsr: don't check sequence number if tag removal is offloaded
2021-06-16 12:13:01 -07:00
ieee802154
net: ieee802154: Return meaningful error codes from the netlink helpers
2022-02-08 18:34:09 +01:00
ife
ipv4
tcp: use different parts of the port_offset for index and offset
2022-05-18 10:26:53 +02:00
ipv6
secure_seq: use the 64 bits of the siphash for port offset calculation
2022-05-18 10:26:53 +02:00
iucv
net/iucv: Replace deprecated CPU-hotplug functions.
2021-08-09 10:13:32 +01:00
kcm
net: sock: introduce sk_error_report
2021-06-29 11:28:21 -07:00
key
af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register
2022-04-08 14:22:47 +02:00
l2tp
net/l2tp: Fix reference count leak in l2tp_udp_recv_core
2021-09-09 11:00:20 +01:00
l3mdev
l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu
2022-04-27 14:38:53 +02:00
lapb
llc
llc: only change llc->dev when bind() succeeds
2022-03-28 09:58:46 +02:00
mac80211
mac80211: Reset MBSSID parameters upon connection
2022-05-18 10:26:47 +02:00
mac802154
ieee802154: Remove redundant initialization of variable ret
2021-09-07 14:06:08 +01:00
mctp
mctp: Fix check for dev_hard_header() result
2022-04-13 20:59:16 +02:00
mpls
net: mpls: Fix notifications when deleting a device
2021-12-08 09:04:47 +01:00
mptcp
mptcp: Correctly set DATA_FIN timeout when number of retransmits is large
2022-03-08 19:12:48 +01:00
ncsi
net/ncsi: check for error return from call to nla_put_u32
2022-01-05 12:42:37 +01:00
netfilter
netfilter: nft_socket: only do sk lookups when indev is available
2022-05-09 09:14:43 +02:00
netlabel
netlabel: fix out-of-bounds memory accesses
2022-04-13 20:59:10 +02:00
netlink
netlink: do not reset transport header in netlink_recvmsg()
2022-05-18 10:26:49 +02:00
netrom
netrom: fix api breakage in nr_setsockopt()
2022-01-27 11:04:00 +01:00
nfc
NFC: netlink: fix sleep in atomic bug when firmware download timeout
2022-05-12 12:30:10 +02:00
nsh
openvswitch
netfilter: conntrack: convert to refcount_t api
2022-04-27 14:39:01 +02:00
packet
net/packet: fix packet_sock xmit return value checking
2022-04-27 14:38:53 +02:00
phonet
phonet: refcount leak in pep_sock_accep
2022-01-11 15:35:16 +01:00
psample
qrtr
net: qrtr: revert check in qrtr_endpoint_post()
2021-09-02 11:37:02 +01:00
rds
rds: memory leak in __rds_conn_create()
2021-12-22 09:32:42 +01:00
rfkill
rfkill: make new event layout opt-in
2022-04-08 14:23:00 +02:00
rose
rxrpc
rxrpc: Enable IPv6 checksums on transport socket
2022-05-12 12:30:19 +02:00
sched
net/sched: act_pedit: really ensure the skb is writable
2022-05-18 10:26:50 +02:00
sctp
sctp: check asoc strreset_chunk in sctp_generate_reconf_event
2022-05-09 09:14:35 +02:00
smc
net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending
2022-05-18 10:26:51 +02:00
strparser
bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
2021-11-18 19:17:11 +01:00
sunrpc
SUNRPC release the transport of a relocated task with an assigned transport
2022-05-12 12:30:14 +02:00
switchdev
net: make switchdev_bridge_port_{,unoffload} loosely coupled with the bridge
2021-08-04 12:35:07 +01:00
tipc
tipc: fix the timer expires after interval 100ms
2022-04-08 14:23:43 +02:00
tls
tls: Fix context leak on tls_device_down
2022-05-18 10:26:51 +02:00
unix
af_unix: Support POLLPRI for OOB.
2022-04-08 14:24:14 +02:00
vmw_vsock
vsock/virtio: enable VQs early on probe
2022-04-08 14:23:51 +02:00
wireless
nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size
2022-04-20 09:34:19 +02:00
x25
net/x25: Fix null-ptr-deref caused by x25_disconnect
2022-04-08 14:23:53 +02:00
xdp
xsk: Fix l2fwd for copy mode + busy poll combo
2022-05-09 09:14:32 +02:00
xfrm
xfrm: fix tunnel model fragmentation behavior
2022-04-08 14:22:46 +02:00
compat.c
devres.c
Kconfig
mctp: Add MCTP base
2021-07-29 15:06:49 +01:00
Makefile
mctp: Add MCTP base
2021-07-29 15:06:49 +01:00
socket.c
net: fix SOF_TIMESTAMPING_BIND_PHC to work with multiple sockets
2022-01-27 11:03:52 +01:00
sysctl_net.c