Page MenuHomeFreeBSD

inpcb: retire suppresion of randomization of ephemeral ports
ClosedPublic

Authored by glebius on Oct 19 2022, 2:16 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Mar 15, 2:32 AM
Unknown Object (File)
Fri, Mar 15, 2:29 AM
Unknown Object (File)
Fri, Mar 15, 2:29 AM
Unknown Object (File)
Mon, Mar 11, 10:30 AM
Unknown Object (File)
Dec 25 2023, 1:20 PM
Unknown Object (File)
Dec 25 2023, 1:20 PM
Unknown Object (File)
Dec 25 2023, 1:20 PM
Unknown Object (File)
Dec 25 2023, 1:09 PM
Subscribers

Details

Summary

The suppresion was added in 5f311da2ccb with no explanation in the
commit message of the exact problem that was fixed. In the BSDCan
2006 talk [1], slides 12 to 14, we can find that it seems that there
was some problem with the TIME_WAIT state not properly being handled
on the remote side (also FreeBSD!), and this switching off the
suppression had hidden the problem. The rationale of the change was
that other stacks may also be buggy wrt the TIME_WAIT.

I did not find the actual problem in TIME_WAIT that the suppression
has hidden, neither a commit that would fix it. However, since that
time we started to handle SYNs with RFC5961 instead of RFC793, see
3220a2121cc. We also now have the tcp-testsuite [2], that has full
coverage of all possible scenarios of receiving SYN in TIME_WAIT.

This effectively reverts 5f311da2ccb6c216b79049172be840af4778129a
and 6ee79c59d2c081f837a11cc78908be54a6dbe09d.

[1] https://www.bsdcan.org/2006/papers/ImprovingTCPIP.pdf
[2] https://github.com/freebsd-net/tcp-testsuite

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable