Page MenuHomeFreeBSD
Differential D16636

Improve TCP timestamps
ClosedPublic
Actions

Authored by tuexen on Aug 8 2018, 11:21 PM.
Tags
None
Referenced Files
F81927181: D16636.id.diff
Tue, Apr 23, 7:35 AM
F81908673: D16636.diff
Tue, Apr 23, 12:13 AM
Unknown Object (File)
Sat, Apr 20, 12:56 PM
Unknown Object (File)
Tue, Apr 2, 2:03 AM
Unknown Object (File)
Feb 2 2024, 8:52 AM
Unknown Object (File)
Jan 26 2024, 3:14 PM
Unknown Object (File)
Jan 26 2024, 3:14 PM
Unknown Object (File)
Jan 26 2024, 3:14 PM
View All 32 Files
Subscribers
imp

Details

Reviewers
jtl
jason_eggnet.com
rrs
kbowling
Group Reviewers
transport
Commits
rS348435: MFC r338053:
rS338053: Don't expose the uptime via the TCP timestamps.
Summary

TCP timestamps leak the uptime in milliseconds. To avoid this, initialise the TCP timestamp with a value of a keyed hash function, which takes the source and destination IP address and the source and destination port number.
Use the same keyed hash function as used for selecting the initial TCP sequence number.

Test Plan

Ensure that the TCP timestamp is increasing over multiple TCP connections using the same 4 tuple. Check this when using the syn cache and syn cookies.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 18656

Revision Contents
Changeset List

PathSize
sys/
netinet/
67 lines
8 lines
8 lines
4 lines

Diff 46441

View Options

sys/netinet/tcp_subr.c

Loading...
View Options

sys/netinet/tcp_syncache.c

Loading...
View Options

sys/netinet/tcp_usrreq.c

Loading...
View Options

sys/netinet/tcp_var.h

Loading...