Page MenuHomeFreeBSD
Differential D16636

Improve TCP timestamps
ClosedPublic
Actions

Authored by tuexen on Aug 8 2018, 11:21 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Jan 18, 12:07 AM
Unknown Object (File)
Dec 26 2024, 10:02 AM
Unknown Object (File)
Nov 29 2024, 7:29 AM
Unknown Object (File)
Nov 29 2024, 7:29 AM
Unknown Object (File)
Nov 25 2024, 3:32 AM
Unknown Object (File)
Nov 24 2024, 6:41 PM
Unknown Object (File)
Nov 24 2024, 7:55 AM
Unknown Object (File)
Nov 24 2024, 2:14 AM
View All Files
Subscribers
imp

Details

Reviewers
jtl
jason_eggnet.com
rrs
kbowling
Group Reviewers
transport
Commits
rS348435: MFC r338053:
rS338053: Don't expose the uptime via the TCP timestamps.
Summary

TCP timestamps leak the uptime in milliseconds. To avoid this, initialise the TCP timestamp with a value of a keyed hash function, which takes the source and destination IP address and the source and destination port number.
Use the same keyed hash function as used for selecting the initial TCP sequence number.

Test Plan

Ensure that the TCP timestamp is increasing over multiple TCP connections using the same 4 tuple. Check this when using the syn cache and syn cookies.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
head/
sys/
netinet/
67 lines
8 lines
8 lines
4 lines

Diff 46928

View Options

head/sys/netinet/tcp_subr.c

Loading...
View Options

head/sys/netinet/tcp_syncache.c

Loading...
View Options

head/sys/netinet/tcp_usrreq.c

Loading...
View Options

head/sys/netinet/tcp_var.h

Loading...