lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Jun 2010 22:28:00 +0200 From: Hagen Paul Pfeifer <hagen@...u.net> To: Florian Westphal <fw@...len.de> Cc: netdev@...r.kernel.org, Ilpo Järvinen <ilpo.jarvinen@...sinki.fi> Subject: Re: [PATCH 1/2] syncookies: do not store rcv_wscale in tcp timestamp * Florian Westphal | 2010-06-21 23:48:44 [+0200]: >As pointed out by Fernando Gont there is no need to encode rcv_wscale >into the cookie. > >We did not use the restored rcv_wscale anyway; it is recomputed >via tcp_select_initial_window(). I speculate that this behavior was and is not correct. I suppose that their is a race between the SYN/ACK where we initial force a particular window scale and the next time where we recalculate the window via tcp_select_initial_window(). If the user change net.core.rmem_max or net.ipv4.tcp_rmem in between this time, the recalculated window scale (rcv_wscale) can be smaller. But the receiver still operates with the initial window scale and can overshot the granted window - and bang. There are several solutions: encode rcv_wscale into the syn cookie and don't recalculate or disable window scaling and don't transmit any scaling option when SYN cookies are active. HGN -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists