Pull up following revision(s) (requested by christos in ticket #1662):

sys/netinet/tcp_subr.c: revision 1.286 sys/netinet/tcp_timer.c: revision 1.96 sys/netinet/in_var.h: revision 1.102 sys/netinet/in_var.h: revision 1.99 Don't increment the iss sequence on each connection because it exposes information (Amit Klein) Add some randomness to the iss offset Use a random IPv4 ID because the shuffling algorithm used before could expose information (Amit Klein) mv <sys/cprng.h> include to the kernel portion
2021-03-09 15:56:51 +00:00 · 2021-03-09 15:56:51 +00:00 · 5d46365a91
parent e694d5af21
commit 5d46365a91
3 changed files with 10 additions and 9 deletions
--- a/sys/netinet/in_var.h
+++ b/sys/netinet/in_var.h
@ -1,4 +1,4 @@
-/*	$NetBSD: in_var.h,v 1.95 2017/05/12 17:53:54 ryo Exp $	*/
+/*	$NetBSD: in_var.h,v 1.95.2.1 2021/03/09 15:56:51 martin Exp $	*/

 /*-
 * Copyright (c) 1998 The NetBSD Foundation, Inc.
@ -374,6 +374,7 @@ struct in_multi {
 #ifdef _KERNEL

 #include <net/pktqueue.h>
+#include <sys/cprng.h>

 extern pktqueue_t *ip_pktq;

@ -450,7 +451,8 @@ ip_newid_range(const struct in_ifaddr *ia, u_int num)

 	if (ip_do_randomid) {
 		/* XXX ignore num */
-		return ip_randomid(ip_ids, ia ? ia->ia_idsalt : 0);
+		id = (uint16_t)cprng_fast32();
+		return id ? id : 1;
 	}

 	/* Never allow an IP ID of 0 (detect wrap). */
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@ -1,4 +1,4 @@
-/*	$NetBSD: tcp_subr.c,v 1.270.6.2 2021/03/07 19:13:24 martin Exp $	*/
+/*	$NetBSD: tcp_subr.c,v 1.270.6.3 2021/03/09 15:56:51 martin Exp $	*/

 /*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -91,7 +91,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_subr.c,v 1.270.6.2 2021/03/07 19:13:24 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_subr.c,v 1.270.6.3 2021/03/09 15:56:51 martin Exp $");

 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@ -2301,7 +2301,6 @@ tcp_new_iss1(void *laddr, void *faddr, u_int16_t lport, u_int16_t fport,
 		 * XXX Use `addin'?
 		 * XXX TCP_ISSINCR too large to use?
 		 */
-		tcp_iss_seq += TCP_ISSINCR;
 #ifdef TCPISS_DEBUG
 		printf("ISS hash 0x%08x, ", tcp_iss);
 #endif
@ -2337,7 +2336,6 @@ tcp_new_iss1(void *laddr, void *faddr, u_int16_t lport, u_int16_t fport,
 		} else {
 			tcp_iss &= TCP_ISS_RANDOM_MASK;
 			tcp_iss += tcp_iss_seq;
-			tcp_iss_seq += TCP_ISSINCR;
 #ifdef TCPISS_DEBUG
 			printf("ISS %08x\n", tcp_iss);
 #endif
--- a/sys/netinet/tcp_timer.c
+++ b/sys/netinet/tcp_timer.c
@ -1,4 +1,4 @@
-/*	$NetBSD: tcp_timer.c,v 1.91.8.1 2018/02/03 22:07:26 snj Exp $	*/
+/*	$NetBSD: tcp_timer.c,v 1.91.8.2 2021/03/09 15:56:51 martin Exp $	*/

 /*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -93,7 +93,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_timer.c,v 1.91.8.1 2018/02/03 22:07:26 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_timer.c,v 1.91.8.2 2021/03/09 15:56:51 martin Exp $");

 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@ -111,6 +111,7 @@ __KERNEL_RCSID(0, "$NetBSD: tcp_timer.c,v 1.91.8.1 2018/02/03 22:07:26 snj Exp $
 #include <sys/kernel.h>
 #include <sys/callout.h>
 #include <sys/workqueue.h>
+#include <sys/cprng.h>

 #include <net/if.h>

@ -261,7 +262,7 @@ tcp_slowtimo_work(struct work *wk, void *arg)
 {

 	mutex_enter(softnet_lock);
-	tcp_iss_seq += TCP_ISSINCR;			/* increment iss */
+	tcp_iss_seq += TCP_ISSINCR + (TCP_ISS_RANDOM_MASK & cprng_fast32());
 	tcp_now++;					/* for timestamps */
 	mutex_exit(softnet_lock);