From: Florian Westphal <fw@strlen.de>
To: Eric Dumazet <edumazet@google.com>
Cc: "Jovi Zhangwei" <jovi@cloudflare.com>,
sasha.levin@oracle.com, "Jiří Pírko" <jiri@resnulli.us>,
"Tom Herbert" <therbert@google.com>,
makita.toshiaki@lab.ntt.co.jp,
"David Miller" <davem@davemloft.net>,
Netdev <netdev@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
"Marek Majkowski" <marek@cloudflare.com>
Subject: Re: [PATCH] tcp: Use absolute system clock for TCP timestamps
Date: Thu, 24 Sep 2015 17:29:58 +0200
Message-ID: <20150924152958.GA29479@breakpoint.cc>
In-Reply-To: <CANn89iJ+SrGJHJGYVpi7SnTkefCB6iq9KzvcU_iYTcz+WvYZPw@mail.gmail.com>
Eric Dumazet <edumazet@google.com> wrote:
> On Thu, Sep 24, 2015 at 7:14 AM, Jovi Zhangwei <jovi@cloudflare.com> wrote:
> > From f455dc3958593250909627474100f6cc5c158a5c Mon Sep 17 00:00:00 2001
> > From: Marek Majkowski <marek@cloudflare.com>
> > Date: Fri, 11 Sep 2015 06:05:07 -0700
> > Subject: [PATCH] tcp: Use absolute system clock for TCP timestamps
> >
> > Using TCP timestamps is beneficial due to their purpose in PAWS and
> > their role when SYN cookies are enabled. In practice though TCP timestamps are
> > often disabled due to being a perceived security issue - they leak Linux
> > system uptime.
> >
> > This patch introduces a kernel option that makes TCP timestamp always return
> > an absolute value derived from a system clock as opposed to jiffies from
> > boot.
> >
> > This patch is based on the approach taken by grsecurity:
> > https://grsecurity.net/~spender/random_timestamp.diff
> >
I did not see the proposed patch because it didn't make this list,
but I do not like the patch linked to above.
With HZ=1000 the clock wraps every 49 days anyway.
If that is still deemed a problem, then the proposed solution doesn't
help since all this does is add some 'random uptime' when the machine
is booted so remote monitoring will easily give a good approximation of
real uptime.
Really, where is the problem...?
> TCP stack uses tcp_time_stamp internally, we do not want to add
> overhead adding an offset on all places.
>
> tp->lsndtime is an example, but we have others.
>
> Therefore, I suggest you add a new function and use it only where needed.
Agreed, the mangling should only be performed when writing ts stamp
into tcp header, and undone when reading ts echo from network.
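As an added illustration of the approach Eric and Florian converge on above (mangle the timestamp only when it is written into the TCP header and undo it when TSecr is read back, leaving tcp_time_stamp untouched everywhere else), together with Florian's objection that a per-boot random offset still lets a remote observer recover the tick rate and uptime deltas. This is example code written for this page, not code from the patch, from grsecurity, or from the kernel; it assumes HZ=1000 as in the thread, substitutes a fixed constant for the boot-time random offset so that it is deterministic, and uses hypothetical function names.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumptions for this example: HZ=1000 as in the thread, so one tick is
 * one millisecond and TSval counts milliseconds since boot. The offset is a
 * fixed constant here for determinism; a real implementation would draw it
 * from the kernel RNG once at boot. All function names are hypothetical. */
#define HZ 1000u
#define SECONDS_PER_DAY 86400u

static uint32_t ts_offset = 0x9E3779B9u;

/* Mangle only when writing the timestamp option: TSval = internal + offset.
 * Unsigned arithmetic wraps mod 2^32, which is the intended behaviour. */
uint32_t tcp_ts_to_wire(uint32_t internal)
{
    return internal + ts_offset;
}

/* Undo the mangling when reading TSecr back from the network, so the rest
 * of the stack (lsndtime, RTT sampling, PAWS) keeps using the unmodified
 * jiffies-based clock and pays no per-access cost. */
uint32_t tcp_ts_from_wire(uint32_t wire)
{
    return wire - ts_offset;
}

/* Modular comparison of the kind PAWS relies on: true when a is later than
 * b, even across a 32-bit wrap. This is why the 49-day wrap is harmless. */
bool ts_after(uint32_t a, uint32_t b)
{
    return (int32_t)(a - b) > 0;
}

/* Days until a 32-bit millisecond counter wraps at HZ=1000. */
uint32_t wrap_period_days(void)
{
    return (uint32_t)(UINT32_MAX / HZ / SECONDS_PER_DAY);
}

/* Florian's objection as arithmetic: an observer who records two TSval
 * samples and the wall-clock interval between them recovers the tick rate,
 * because a constant per-boot offset cancels in the subtraction. */
uint32_t remote_infer_hz(uint32_t tsval_a, uint32_t tsval_b,
                         uint32_t elapsed_seconds)
{
    return (tsval_b - tsval_a) / elapsed_seconds;
}

/* Likewise, a monitor that saw the host come back up (and recorded the
 * TSval it sent then) can estimate uptime in seconds from any later sample;
 * the offset never enters the result. */
uint32_t remote_infer_uptime_s(uint32_t tsval_at_boot, uint32_t tsval_now)
{
    return (tsval_now - tsval_at_boot) / HZ;
}

int main(void)
{
    /* Constructed sample: host has been up 3 days and 2 hours. */
    uint32_t jiffies = (3u * SECONDS_PER_DAY + 2u * 3600u) * HZ;
    uint32_t wire = tcp_ts_to_wire(jiffies);

    printf("internal=%u wire=%u back=%u\n",
           jiffies, wire, tcp_ts_from_wire(wire));
    printf("counter wraps every %u days at HZ=%u\n", wrap_period_days(), HZ);

    /* The observer samples the same host again 60 s later. */
    uint32_t later = tcp_ts_to_wire(jiffies + 60u * HZ);
    printf("remote infers %u ticks/s\n", remote_infer_hz(wire, later, 60u));
    printf("remote infers uptime %u s from a post-boot sample\n",
           remote_infer_uptime_s(tcp_ts_to_wire(0), later));
    return 0;
}
```

The two `remote_infer_*` functions are the whole of the objection: whatever constant is added at boot, differences between samples are unaffected, so the offset hides only the absolute value of a single sample, and only until the monitor has seen the host reboot once.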
Thread overview: 2+ messages
[not found] <CABPcSq+jxgKkuafpt5ubDLj9CBfHE1WFwmY-cGzRxuRsfM0KGw@mail.gmail.com>
2015-09-24 14:49 ` [PATCH] tcp: Use absolute system clock for TCP timestamps Eric Dumazet
2015-09-24 15:29 ` Florian Westphal [this message]