Commit a904a069 authored by Eric Dumazet's avatar Eric Dumazet Committed by David S. Miller
Browse files

inet: stop leaking jiffies on the wire 



Historically linux tried to stick to RFC 791, 1122, 2003
for IPv4 ID field generation.

RFC 6864 made clear that no matter how hard we try,
we can not ensure unicity of IP ID within maximum
lifetime for all datagrams with a given source
address/destination address/protocol tuple.

Linux uses a per socket inet generator (inet_id), initialized
at connection startup with a XOR of 'jiffies' and other
fields that appear clear on the wire.

Thiemo Nagel pointed that this strategy is a privacy
concern as this provides 16 bits of entropy to fingerprint
devices.

Let's switch to a random starting point, this is just as
good as far as RFC 6864 is concerned and does not leak
anything critical.

Fixes: 1da177e4 ("Linux-2.6.12-rc2")
Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
Reported-by: default avatarThiemo Nagel <tnagel@google.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent c8c2cd81

drivers/crypto/chelsio/chtls/chtls_cm.c

+1 −1
Original line number Diff line number Diff line
@@ -1297,7 +1297,7 @@ static void make_established(struct sock *sk, u32 snd_isn, unsigned int opt) 
	tp->write_seq = snd_isn;

	tp->snd_nxt = snd_isn;

	tp->snd_una = snd_isn;

	inet_sk(sk)->inet_id = tp->write_seq ^ jiffies;

	inet_sk(sk)->inet_id = prandom_u32();

	assign_rxopt(sk, opt);



	if (tp->rcv_wnd > (RCV_BUFSIZ_M << 10))

net/dccp/ipv4.c

+1 −1
Original line number Diff line number Diff line
@@ -117,7 +117,7 @@ int dccp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) 
						    inet->inet_daddr,

						    inet->inet_sport,

						    inet->inet_dport);

	inet->inet_id = dp->dccps_iss ^ jiffies;

	inet->inet_id = prandom_u32();



	err = dccp_connect(sk);

	rt = NULL;

net/ipv4/datagram.c

+1 −1
Original line number Diff line number Diff line
@@ -73,7 +73,7 @@ int __ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len 
	reuseport_has_conns(sk, true);

	sk->sk_state = TCP_ESTABLISHED;

	sk_set_txhash(sk);

	inet->inet_id = jiffies;

	inet->inet_id = prandom_u32();



	sk_dst_set(sk, &rt->dst);

	err = 0;

net/ipv4/tcp_ipv4.c

+2 −2
Original line number Diff line number Diff line
@@ -303,7 +303,7 @@ int tcp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) 
						 inet->inet_daddr);

	}



	inet->inet_id = tp->write_seq ^ jiffies;

	inet->inet_id = prandom_u32();



	if (tcp_fastopen_defer_connect(sk, &err))

		return err;
@@ -1450,7 +1450,7 @@ struct sock *tcp_v4_syn_recv_sock(const struct sock *sk, struct sk_buff *skb, 
	inet_csk(newsk)->icsk_ext_hdr_len = 0;

	if (inet_opt)

		inet_csk(newsk)->icsk_ext_hdr_len = inet_opt->opt.optlen;

	newinet->inet_id = newtp->write_seq ^ jiffies;

	newinet->inet_id = prandom_u32();



	if (!dst) {

		dst = inet_csk_route_child_sock(sk, newsk, req);

net/sctp/socket.c

+1 −1
Original line number Diff line number Diff line
@@ -9306,7 +9306,7 @@ void sctp_copy_sock(struct sock *newsk, struct sock *sk, 
	newinet->inet_rcv_saddr = inet->inet_rcv_saddr;

	newinet->inet_dport = htons(asoc->peer.port);

	newinet->pmtudisc = inet->pmtudisc;

	newinet->inet_id = asoc->next_tsn ^ jiffies;

	newinet->inet_id = prandom_u32();



	newinet->uc_ttl = inet->uc_ttl;

	newinet->mc_loop = 1;

CRA Git | Maintained and supported by SUSTech CRA and CCSE