From 9c9223617d86eaf18b0c0a187adf45e192839409 Mon Sep 17 00:00:00 2001
From: christos <christos@NetBSD.org>
Date: Tue, 9 Mar 2021 13:48:16 +0000
Subject: [PATCH] Move the offset addition in one place and mask the random
 generated value to make sure that the isn is monotonic.

---
 sys/netinet/tcp_subr.c | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c
index 431676445692..6caafbf28f5d 100644
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: tcp_subr.c,v 1.287 2021/03/08 18:17:27 christos Exp $	*/
+/*	$NetBSD: tcp_subr.c,v 1.288 2021/03/09 13:48:16 christos Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_subr.c,v 1.287 2021/03/08 18:17:27 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_subr.c,v 1.288 2021/03/09 13:48:16 christos Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -2209,24 +2209,24 @@ tcp_new_iss1(void *laddr, void *faddr, u_int16_t lport, u_int16_t fport,
 
 #ifdef TCPISS_DEBUG
 		printf("ISS hash 0x%08x, ", tcp_iss);
-#endif
-		/*
-		 * Add the offset in to the computed value.
-		 */
-		tcp_iss += tcp_iss_seq;
-#ifdef TCPISS_DEBUG
-		printf("ISS %08x\n", tcp_iss);
 #endif
 	} else {
 		/*
 		 * Randomize.
 		 */
-		tcp_iss = cprng_fast32();
+		tcp_iss = cprng_fast32() & TCP_ISS_RANDOM_MASK;
 #ifdef TCPISS_DEBUG
 		printf("ISS random 0x%08x, ", tcp_iss);
 #endif
 	}
 
+	/*
+	 * Add the offset in to the computed value.
+	 */
+	tcp_iss += tcp_iss_seq;
+#ifdef TCPISS_DEBUG
+	printf("ISS %08x\n", tcp_iss);
+#endif
 	return tcp_iss;
 }