lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 11 Mar 2012 20:10:33 -0700
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Tom Herbert <therbert@...gle.com>
Cc:	davem@...emloft.net, netdev@...r.kernel.org
Subject: Re: [PATCH] net: Provide SYN packet for passive connections

Le dimanche 11 mars 2012 à 19:48 -0700, Tom Herbert a écrit :
> This patch allows a server application to get the TCP SYN packets for
> its passive connections.  This is useful if the server is doing
> fingerprinting of clients based on SYN packet contents.
> 
> Two socket options are added: TCP_SAVE_SYN and TCP_SAVED_SYN.  The
> first is used on a listener socket to enable saving the SYN packets
> for child connections.  The latter is used to retrieve the SYN for
> and accepted connection.  TCP_SAVED_SYN is read once, it frees the
> saved SYN packet.
> 
> The data returned TCP_SAVED_SYN is the IP header (v4 or v6) through
> the TCP header.
> 
> Signed-off-by: Tom Herbert <therbert@...gle.com>
> ---
>  include/linux/tcp.h                |    2 ++
>  include/net/inet_connection_sock.h |   31 +++++++++++++++++++++++++++++++
>  include/net/request_sock.h         |    6 +++++-
>  net/ipv4/inet_connection_sock.c    |    2 ++
>  net/ipv4/tcp.c                     |   32 ++++++++++++++++++++++++++++++++
>  net/ipv4/tcp_ipv4.c                |    2 ++
>  net/ipv4/tcp_minisocks.c           |    2 ++
>  net/ipv6/tcp_ipv6.c                |    2 ++
>  8 files changed, 78 insertions(+), 1 deletions(-)
> 
...

>  			tp->linger2 = -1;
> @@ -2632,6 +2639,31 @@ static int do_tcp_getsockopt(struct sock *sk, int level,
>  	case TCP_USER_TIMEOUT:
>  		val = jiffies_to_msecs(icsk->icsk_user_timeout);
>  		break;
> +	case TCP_SAVE_SYN:
> +		val = icsk->icsk_save_syn;
> +		break;
> +	case TCP_SAVED_SYN: {
> +		if (get_user(len, optlen))
> +			return -EFAULT;
> +
> +		if (icsk->icsk_saved_syn) {
> +			struct sk_buff *skb = icsk->icsk_saved_syn;
> +			void *b = skb_network_header(skb);
> +			void *e = (void *)tcp_hdr(skb) + tcp_hdrlen(skb);
> +
> +			len = min_t(unsigned int, e - b, len);
> +			if (put_user(len, optlen))
> +				return -EFAULT;
> +			if (copy_to_user(optval, b, len))
> +				return -EFAULT;
> +			inet_csk_free_syn(sk);
> +		} else {


I am concerned by the fact that socket might be not locked here, so this
code is racy if two threads happen to call this at the same time.

Or maybe its locked and I am too lazy ? :)



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ