From: Florian Westphal <fw@strlen.de>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Florian Westphal <fw@strlen.de>, netdev@vger.kernel.org
Subject: Re: [RFC 1/3] tcp: randomize tcp timestamp offsets for each connection
Date: Fri, 26 Aug 2016 01:46:57 +0200 [thread overview]
Message-ID: <20160825234657.GA13469@breakpoint.cc> (raw)
In-Reply-To: <1472162771.14381.167.camel@edumazet-glaptop3.roam.corp.google.com>
Eric Dumazet <eric.dumazet@gmail.com> wrote:
> On Thu, 2016-08-18 at 14:48 +0200, Florian Westphal wrote:
> > commit ceaa1fef65a7c2e ("tcp: adding a per-socket timestamp offset")
> > added the main infrastructure that is needed for per-connection
> > randomization, in particular writing/reading the on-wire tcp header
> > format takes the offset into account so rest of stack can use normal
> > tcp_time_stamp (jiffies).
[..]
> > +secure_tcpv6_sequence_number(const __be32 *saddr, const __be32 *daddr,
> > + __be16 sport, __be16 dport)
> > {
> > u32 secret[MD5_MESSAGE_BYTES / 4];
> > u32 hash[MD5_DIGEST_WORDS];
> > + struct secure_tcp_seq seq;
> > u32 i;
> >
> > net_secret_init();
> > @@ -58,7 +60,9 @@ __u32 secure_tcpv6_sequence_number(const __be32 *saddr, const __be32 *daddr,
> >
> > md5_transform(hash, secret);
> >
> > - return seq_scale(hash[0]);
> > + seq.seq = seq_scale(hash[0]);
> > + seq.tsoff = hash[1];
> > + return seq;
> > }
>
>
> I am not a super fan of this "struct secure_tcp_seq" being returned by
> functions. This adds unnecessary overhead.
>
> I would instead add a "u32 *ts_off" parameter, as you already did for
> tcp_v4_init_sequence()
>
> Patch on top of yours :
[..]
Looks great, I squashed it into my working branch.
Wrt. making randomization optional:
Would you go for another sysctl or should I just change
secure_tcpvX_sequence_number to check for tcp_timestamps == 2 mode?
*tsoff = sysctl_tcp_timestamps == 2 ? hash[1] : 0;
Could also use a static key but I don't think its worth it vs. md5 cost.
What do you think?
Thanks,
Florian
next prev parent reply other threads:[~2016-08-25 23:47 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-18 12:48 [RFC 0/3] tcp: increase resilence vs. blind data injection Florian Westphal
2016-08-18 12:48 ` [RFC 1/3] tcp: randomize tcp timestamp offsets for each connection Florian Westphal
2016-08-18 16:18 ` Eric Dumazet
2016-08-18 22:32 ` Florian Westphal
2016-08-25 9:06 ` Florian Westphal
2016-08-25 14:15 ` Eric Dumazet
2016-08-25 14:49 ` Florian Westphal
2016-08-25 16:05 ` Eric Dumazet
2016-08-25 19:34 ` Eric Dumazet
2016-08-25 20:31 ` Florian Westphal
2016-08-25 21:06 ` Eric Dumazet
2016-08-25 22:06 ` Eric Dumazet
2016-08-25 23:46 ` Florian Westphal [this message]
2016-08-26 2:34 ` Eric Dumazet
2016-08-18 12:48 ` [RFC 2/3] tcp: add tcp_timestamps=2 mode to force tsecr validation on ofo segments Florian Westphal
2016-08-18 12:48 ` [RFC 3/3] tcp: add mib counter to track ts tsecr validation failures Florian Westphal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160825234657.GA13469@breakpoint.cc \
--to=fw@strlen.de \
--cc=eric.dumazet@gmail.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.