lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Oct 2020 16:03:27 +0200 From: Eric Dumazet <edumazet@...gle.com> To: Ricardo Dias <rdias@...sql.com> Cc: David Miller <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Alexey Kuznetsov <kuznet@....inr.ac.ru>, Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>, netdev <netdev@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] tcp: fix race condition when creating child sockets from syncookies On Fri, Oct 23, 2020 at 1:14 PM Ricardo Dias <rdias@...sql.com> wrote: > > When the TCP stack is in SYN flood mode, the server child socket is > created from the SYN cookie received in a TCP packet with the ACK flag > set. > ... This patch only handles IPv4, unless I am missing something ? It looks like the fix should be done in inet_ehash_insert(), not adding yet another helper in TCP. This would be family generic. Note that normally, all packets for the same 4-tuple should be handled by the same cpu, so this race is quite unlikely to happen in standard setups.
Powered by blists - more mailing lists