lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 31 Jul 2020 18:55:03 -0700
From:   Eric Dumazet <eric.dumazet@...il.com>
To:     David Miller <davem@...emloft.net>, fw@...len.de
Cc:     netdev@...r.kernel.org, edumazet@...gle.com,
        mathew.j.martineau@...ux.intel.com, matthieu.baerts@...sares.net,
        pabeni@...hat.com
Subject: Re: [PATCH v2 net-next 0/9] mptcp: add syncookie support



On 7/31/20 4:56 PM, David Miller wrote:
> From: Florian Westphal <fw@...len.de>
> Date: Thu, 30 Jul 2020 21:25:49 +0200
> 
>> Changes in v2:
>  ...
>> When syn-cookies are used the SYN?ACK never contains a MPTCP option,
>> because the code path that creates a request socket based on a valid
>> cookie ACK lacks the needed changes to construct MPTCP request sockets.
>>
>> After this series, if SYN carries MP_CAPABLE option, the option is not
>> cleared anymore and request socket will be reconstructed using the
>> MP_CAPABLE option data that is re-sent with the ACK.
>>
>> This means that no additional state gets encoded into the syn cookie or
>> the TCP timestamp.
>  ...
> 
> Series applied, thanks Florian.
> 

Build is broken

I had to use :

diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
index 11b20474be8310d7070750a1c7b4013f2fba2f55..f0794f0232bae749244fff35d8b96b1f561a5e87 100644
--- a/net/ipv4/syncookies.c
+++ b/net/ipv4/syncookies.c
@@ -213,7 +213,7 @@ struct sock *tcp_get_cookie_sock(struct sock *sk, struct sk_buff *skb,
                tcp_sk(child)->tsoffset = tsoff;
                sock_rps_save_rxhash(child, skb);
 
-               if (tcp_rsk(req)->drop_req) {
+               if (rsk_drop_req(req)) {
                        refcount_set(&req->rsk_refcnt, 2);
                        return child;
                }
@@ -286,10 +286,11 @@ struct request_sock *cookie_tcp_reqsk_alloc(const struct request_sock_ops *ops,
                                            struct sock *sk,
                                            struct sk_buff *skb)
 {
-       struct tcp_request_sock *treq;
        struct request_sock *req;
 
 #ifdef CONFIG_MPTCP
+       struct tcp_request_sock *treq;
+
        if (sk_is_mptcp(sk))
                ops = &mptcp_subflow_request_sock_ops;
 #endif

Powered by blists - more mailing lists