| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Jul 2020 10:25:43 -0700
From: Eric Dumazet <edumazet@...gle.com>
To: Florian Westphal <fw@...len.de>
Cc: netdev <netdev@...r.kernel.org>,
mathew.j.martineau@...ux.intel.com,
Matthieu Baerts <matthieu.baerts@...sares.net>,
Paolo Abeni <pabeni@...hat.com>
Subject: Re: [PATCH net-next 01/10] tcp: remove cookie_ts bit from request_sock
On Thu, Jul 30, 2020 at 10:15 AM Florian Westphal <fw@...len.de> wrote:
>
> No need for this anymore; nowadays output function has a 'synack_type'
> argument that tells us when the syn/ack is emitted via syncookies.
>
> The request already tells us when timestamps are supported, so check
> both to detect special timestamp for tcp option encoding is needed.
>
> Signed-off-by: Florian Westphal <fw@...len.de>
> ---
> drivers/crypto/chelsio/chtls/chtls_cm.c | 1 -
> include/net/request_sock.h | 3 +--
> net/ipv4/tcp_input.c | 2 --
> net/ipv4/tcp_output.c | 2 +-
> 4 files changed, 2 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/crypto/chelsio/chtls/chtls_cm.c b/drivers/crypto/chelsio/chtls/chtls_cm.c
> index f924c335a195..030f20148007 100644
> --- a/drivers/crypto/chelsio/chtls/chtls_cm.c
> +++ b/drivers/crypto/chelsio/chtls/chtls_cm.c
> @@ -1348,7 +1348,6 @@ static void chtls_pass_accept_request(struct sock *sk,
>
> oreq->rsk_rcv_wnd = 0;
> oreq->rsk_window_clamp = 0;
> - oreq->cookie_ts = 0;
> oreq->mss = 0;
> oreq->ts_recent = 0;
>
> diff --git a/include/net/request_sock.h b/include/net/request_sock.h
> index cf8b33213bbc..2f717d4dafc5 100644
> --- a/include/net/request_sock.h
> +++ b/include/net/request_sock.h
> @@ -54,8 +54,7 @@ struct request_sock {
> struct request_sock *dl_next;
> u16 mss;
> u8 num_retrans; /* number of retransmits */
> - u8 cookie_ts:1; /* syncookie: encode tcpopts in timestamp */
> - u8 num_timeout:7; /* number of timeouts */
> + u8 num_timeout; /* number of timeouts */
> u32 ts_recent;
> struct timer_list rsk_timer;
> const struct request_sock_ops *rsk_ops;
> diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
> index a018bafd7bdf..fcca58476678 100644
> --- a/net/ipv4/tcp_input.c
> +++ b/net/ipv4/tcp_input.c
> @@ -6519,7 +6519,6 @@ static void tcp_openreq_init(struct request_sock *req,
> struct inet_request_sock *ireq = inet_rsk(req);
>
> req->rsk_rcv_wnd = 0; /* So that tcp_send_synack() knows! */
> - req->cookie_ts = 0;
> tcp_rsk(req)->rcv_isn = TCP_SKB_CB(skb)->seq;
> tcp_rsk(req)->rcv_nxt = TCP_SKB_CB(skb)->seq + 1;
> tcp_rsk(req)->snt_synack = 0;
> @@ -6739,7 +6738,6 @@ int tcp_conn_request(struct request_sock_ops *rsk_ops,
>
> if (want_cookie) {
> isn = cookie_init_sequence(af_ops, sk, skb, &req->mss);
> - req->cookie_ts = tmp_opt.tstamp_ok;
> if (!tmp_opt.tstamp_ok)
> inet_rsk(req)->ecn_ok = 0;
> }
> diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
> index d8f16f6a9b02..bd0e5a7cd072 100644
> --- a/net/ipv4/tcp_output.c
> +++ b/net/ipv4/tcp_output.c
> @@ -3393,7 +3393,7 @@ struct sk_buff *tcp_make_synack(const struct sock *sk, struct dst_entry *dst,
> memset(&opts, 0, sizeof(opts));
> now = tcp_clock_ns();
> #ifdef CONFIG_SYN_COOKIES
> - if (unlikely(req->cookie_ts))
> + if (unlikely(synack_type == TCP_SYNACK_COOKIE && inet_rsk(req)->tstamp_ok))
ireq->tstamp_ok
> skb->skb_mstamp_ns = cookie_init_timestamp(req, now);
> else
> #endif
> --
> 2.26.2
>
Powered by blists - more mailing lists