| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANn89iLs36CahFdMMTjHX2GcAXYONXuyS03-yuULaOO=aGmozw@mail.gmail.com>
Date: Tue, 28 Nov 2023 16:19:47 +0100
From: Eric Dumazet <edumazet@...gle.com>
To: Kuniyuki Iwashima <kuniyu@...zon.com>
Cc: "David S. Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>,
Kuniyuki Iwashima <kuni1840@...il.com>, netdev@...r.kernel.org
Subject: Re: [PATCH v2 net-next 6/8] tcp: Move TCP-AO bits from
cookie_v[46]_check() to tcp_ao_syncookie().
On Sat, Nov 25, 2023 at 2:19 AM Kuniyuki Iwashima <kuniyu@...zon.com> wrote:
>
> We initialise treq->af_specific in cookie_tcp_reqsk_alloc() so that
> we can look up a key later in tcp_create_openreq_child().
>
> Initially, that change was added for MD5 by commit ba5a4fdd63ae ("tcp:
> make sure treq->af_specific is initialized"), but it has not been used
> since commit d0f2b7a9ca0a ("tcp: Disable header prediction for MD5
> flow.").
>
> Now, treq->af_specific is used only by TCP-AO, so, we can move that
> initialisation into tcp_ao_syncookie().
>
> In addition to that, l3index in cookie_v[46]_check() is only used for
> tcp_ao_syncookie(), so let's move it as well.
>
> While at it, we move down tcp_ao_syncookie() in cookie_v4_check() so
> that it will be called after security_inet_conn_request() to make
> functions order consistent with cookie_v6_check().
>
> Signed-off-by: Kuniyuki Iwashima <kuniyu@...zon.com>
> Reviewed-by: Simon Horman <horms@...nel.org>
Reviewed-by: Eric Dumazet <edumazet@...gle.com>
Powered by blists - more mailing lists