linux/net/ipv4
Eric Dumazet 33cf7c90fe net: add real socket cookies
A long standing problem in netlink socket dumps is the use
of kernel socket addresses as cookies.

1) It is a security concern.

2) Sockets can be reused quite quickly, so there is
   no guarantee a cookie is used once and identify
   a flow.

3) request sock, establish sock, and timewait socks
   for a given flow have different cookies.

Part of our effort to bring better TCP statistics requires
to switch to a different allocator.

In this patch, I chose to use a per network namespace 64bit generator,
and to use it only in the case a socket needs to be dumped to netlink.
(This might be refined later if needed)

Note that I tried to carry cookies from request sock, to establish sock,
then timewait sockets.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Eric Salo <salo@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-03-11 21:55:28 -04:00
..
netfilter netfilter: fix sparse warnings in reject handling 2015-03-10 15:01:32 +01:00
af_inet.c net: Remove iocb argument from sendmsg and recvmsg 2015-03-02 13:06:31 -05:00
ah4.c ipsec: Remove obsolete MAX_AH_AUTH_LEN 2014-09-18 10:54:36 +02:00
arp.c neigh: Factor out ___neigh_lookup_noref 2015-03-04 00:23:23 -05:00
cipso_ipv4.c cipso: don't use IPCB() to locate the CIPSO IP option 2015-02-11 14:46:37 -05:00
datagram.c net: Save TX flow hash in sock and set in skbuf on xmit 2014-07-07 21:14:21 -07:00
devinet.c multicast: Extend ip address command to enable multicast group join/leave on 2015-02-27 16:25:25 -05:00
esp4.c net: esp: Convert NETDEBUG to pr_info 2014-11-06 15:11:10 -05:00
fib_frontend.c fib_trie: Fix uninitialized variable warning 2015-03-11 17:33:44 -04:00
fib_lookup.h ipv4: FIB Local/MAIN table collapse 2015-03-11 16:22:14 -04:00
fib_rules.c ipv4: FIB Local/MAIN table collapse 2015-03-11 16:22:14 -04:00
fib_semantics.c fib_trie: Convert fib_alias to hlist from list 2015-02-27 16:37:06 -05:00
fib_trie.c fib_trie: Only display main table in /proc/net/route 2015-03-11 21:24:32 -04:00
fou.c gue: Use checksum partial with remote checksum offload 2015-02-11 15:12:13 -08:00
geneve.c openvswitch: Add support for checksums on UDP tunnels. 2015-01-28 23:04:15 -08:00
gre_demux.c net: Fix GRE RX to use skb_transport_header for GRE header offset 2014-09-08 15:23:05 -07:00
gre_offload.c gre: Set inner mac header in gro complete 2014-12-05 21:18:34 -08:00
icmp.c ipv4: icmp: use percpu allocation 2015-01-31 17:48:18 -08:00
igmp.c multicast: Extend ip address command to enable multicast group join/leave on 2015-02-27 16:25:25 -05:00
inet_connection_sock.c net: add real socket cookies 2015-03-11 21:55:28 -04:00
inet_diag.c net: add real socket cookies 2015-03-11 21:55:28 -04:00
inet_fragment.c net: Convert LIMIT_NETDEBUG to net_dbg_ratelimited 2014-11-11 14:10:31 -05:00
inet_hashtables.c net: use reciprocal_scale() helper 2014-08-23 12:21:21 -07:00
inet_lro.c lro: remove dead code 2013-12-29 16:34:25 -05:00
inet_timewait_sock.c net: add real socket cookies 2015-03-11 21:55:28 -04:00
inetpeer.c inet: remove dead inetpeer sequence code 2014-09-08 16:42:42 -07:00
ip_forward.c ipv4: try to cache dst_entries which would cause a redirect 2015-01-26 17:28:27 -08:00
ip_fragment.c ipv4: ip_check_defrag should not assume that skb_network_offset is zero 2015-03-05 21:43:48 -05:00
ip_gre.c gre/ipip: use be16 variants of netlink functions 2015-02-08 16:28:06 -08:00
ip_input.c net: Fix memory leak if TPROXY used with TCP early demux 2014-01-27 16:22:11 -08:00
ip_options.c ipv4: rename ip_options_echo to __ip_options_echo() 2014-09-28 16:35:42 -04:00
ip_output.c udp: only allow UFO for packets from SOCK_DGRAM sockets 2015-03-02 22:19:29 -05:00
ip_sockglue.c ip: fix error queue empty skb handling 2015-03-08 23:01:54 -04:00
ip_tunnel.c tunnels: advertise link netns via netlink 2015-01-19 14:32:03 -05:00
ip_tunnel_core.c ipv4: fix a potential use after free in ip_tunnel_core.c 2014-10-17 23:45:26 -04:00
ip_vti.c tunnels: advertise link netns via netlink 2015-01-19 14:32:03 -05:00
ipcomp.c ipcomp4: Use the IPsec protocol multiplexer API 2014-02-25 07:04:17 +01:00
ipconfig.c net: ipv4: handle DSA enabled master network devices 2015-01-19 15:45:10 -05:00
ipip.c gre/ipip: use be16 variants of netlink functions 2015-02-08 16:28:06 -08:00
ipmr.c netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
Kconfig net: Move fou_build_header into fou.c and refactor 2014-11-05 16:30:02 -05:00
Makefile net: Add Geneve tunneling protocol driver 2014-10-06 00:32:20 -04:00
netfilter.c netfilter: remove double colon 2014-02-19 11:41:25 +01:00
ping.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-03-09 23:38:02 -04:00
proc.c tcp: helpers to mitigate ACK loops by rate-limiting out-of-window dupacks 2015-02-08 01:03:12 -08:00
protocol.c net: Export inet_offloads and inet6_offloads 2014-09-19 17:15:31 -04:00
raw.c net: Remove iocb argument from sendmsg and recvmsg 2015-03-02 13:06:31 -05:00
route.c net: Remove protocol from struct dst_ops 2015-03-09 16:06:10 -04:00
syncookies.c net: add real socket cookies 2015-03-11 21:55:28 -04:00
sysctl_net_ipv4.c ipv4: Create probe timer for tcp PMTU as per RFC4821 2015-03-06 14:57:42 -05:00
tcp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-03-09 23:38:02 -04:00
tcp_bic.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_cong.c tcp: silence registration message 2015-02-20 15:04:03 -05:00
tcp_cubic.c tcp: fix timing issue in CUBIC slope calculation 2015-01-28 22:18:38 -08:00
tcp_dctcp.c net: tcp: add DCTCP congestion control algorithm 2014-09-29 00:13:10 -04:00
tcp_diag.c inet_diag: add const to inet_diag_req_v2 2015-03-10 13:45:28 -04:00
tcp_fastopen.c tcp: cleanup static functions 2015-02-28 16:56:51 -05:00
tcp_highspeed.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_htcp.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_hybla.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_illinois.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_input.c net: add real socket cookies 2015-03-11 21:55:28 -04:00
tcp_ipv4.c ipv4: Create probe timer for tcp PMTU as per RFC4821 2015-03-06 14:57:42 -05:00
tcp_lp.c tcp: remove in_flight parameter from cong_avoid() methods 2014-05-03 19:23:07 -04:00
tcp_memcontrol.c memcg: cleanup static keys decrement 2015-02-12 18:54:10 -08:00
tcp_metrics.c netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
tcp_minisocks.c tcp: mitigate ACK loops for connections as tcp_timewait_sock 2015-02-08 01:03:13 -08:00
tcp_offload.c tcp: cleanup static functions 2015-02-28 16:56:51 -05:00
tcp_output.c ipv4: Create probe timer for tcp PMTU as per RFC4821 2015-03-06 14:57:42 -05:00
tcp_probe.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_scalable.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_timer.c ipv4: Create probe timer for tcp PMTU as per RFC4821 2015-03-06 14:57:42 -05:00
tcp_vegas.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_vegas.h net: ipv4/ipv6: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
tcp_veno.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_westwood.c net: tcp: split ack slow/fast events from cwnd_event 2014-09-29 00:13:10 -04:00
tcp_yeah.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tunnel4.c
udp.c net: Remove iocb argument from sendmsg and recvmsg 2015-03-02 13:06:31 -05:00
udp_diag.c inet_diag: add const to inet_diag_req_v2 2015-03-10 13:45:28 -04:00
udp_impl.h net: Remove iocb argument from sendmsg and recvmsg 2015-03-02 13:06:31 -05:00
udp_offload.c udp: Set SKB_GSO_UDP_TUNNEL* in UDP GRO path 2015-02-11 15:12:10 -08:00
udp_tunnel.c udp: Do not require sock in udp_tunnel_xmit_skb 2015-01-24 23:15:40 -08:00
udplite.c net: Eliminate no_check from protosw 2014-05-23 16:28:53 -04:00
xfrm4_input.c xfrm4: Add IPsec protocol multiplexer 2014-02-25 07:04:16 +01:00
xfrm4_mode_beet.c ipv4: ERROR: code indent should use tabs where possible 2013-12-26 13:43:21 -05:00
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c inetpeer: get rid of ip_id_count 2014-06-02 11:00:41 -07:00
xfrm4_output.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-05-24 00:32:30 -04:00
xfrm4_policy.c net: Remove protocol from struct dst_ops 2015-03-09 16:06:10 -04:00
xfrm4_protocol.c xfrm4: Remove duplicate semicolon 2014-06-30 07:49:47 +02:00
xfrm4_state.c inet: make no_pmtu_disc per namespace and kill ipv4_config 2013-12-18 16:58:20 -05:00
xfrm4_tunnel.c sit: add IPv4 over IPv4 support 2013-05-31 17:19:05 -07:00