system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-07-21 10:41:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux/net
History
Eric Dumazet f4dca95fc0 tcp: reduce accepted window in NEW_SYN_RECV state 
Jason commit made checks against ACK sequence less strict
and can be exploited by attackers to establish spoofed flows
with less probes.

Innocent users might use tcp_rmem[1] == 1,000,000,000,
or something more reasonable.

An attacker can use a regular TCP connection to learn the server
initial tp->rcv_wnd, and use it to optimize the attack.

If we make sure that only the announced window (smaller than 65535)
is used for ACK validation, we force an attacker to use
65537 packets to complete the 3WHS (assuming server ISN is unknown)

Fixes: 378979e94e ("tcp: remove 64 KByte limit for initial tp->rcv_wnd value")
Link: https://datatracker.ietf.org/meeting/119/materials/slides-119-tcpm-ghost-acks-00
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Reviewed-by: Jason Xing <kerneljasonxing@gmail.com>
Link: https://lore.kernel.org/r/20240523130528.60376-1-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2024-05-27 16:47:23 -07:00
..
6lowpan net: fill in MODULE_DESCRIPTION()s for 6LoWPAN 2024-02-09 14:12:01 -08:00
9p virtio: features, fixes, cleanups 2024-05-23 12:04:36 -07:00
802
8021q net: annotate writes on dev->mtu from ndo_change_mtu() 2024-05-07 16:19:14 -07:00
appletalk Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-05-09 10:01:01 -07:00
atm net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
ax25 net-accept-more-20240515 2024-05-18 10:32:39 -07:00
batman-adv tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
bluetooth net-accept-more-20240515 2024-05-18 10:32:39 -07:00
bpf bpf: check bpf_dummy_struct_ops program params for test runs 2024-04-25 12:42:43 -07:00
bridge Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2024-05-15 07:30:49 -07:00
caif caif: Use UTILITY_NAME_LENGTH instead of hard-coding 16 2024-04-02 18:20:00 -07:00
can linux-can-next-for-6.9-20240220 2024-02-20 15:32:45 +01:00
ceph libceph: init the cursor when preparing sparse read in msgr2 2024-03-06 12:43:01 +01:00
core bpf-for-netdev 2024-05-27 16:26:30 -07:00
dcb
dccp net: dccp: Fix ccid2_rtt_estimator() kernel-doc 2024-05-07 16:15:08 -07:00
devlink devlink: extend devlink_param *set pointer 2024-04-22 13:05:19 -07:00
dns_resolver
dsa tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
ethernet netkit: Fix pkt_type override upon netkit pass verdict 2024-05-25 10:48:57 -07:00
ethtool net: revert partially applied PHY topology series 2024-05-13 18:35:02 -07:00
handshake net/handshake: remove redundant assignment to variable ret 2024-04-16 17:14:55 -07:00
hsr Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-05-09 10:01:01 -07:00
ieee802154 tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
ife
ipv4 tcp: reduce accepted window in NEW_SYN_RECV state 2024-05-27 16:47:23 -07:00
ipv6 tcp: reduce accepted window in NEW_SYN_RECV state 2024-05-27 16:47:23 -07:00
iucv more s390 updates for 6.10 merge window 2024-05-21 12:09:36 -07:00
kcm net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function 2024-03-11 09:53:22 +00:00
key net: fill in MODULE_DESCRIPTION()s for af_key 2024-02-09 14:12:01 -08:00
l2tp l2tp: fix ICMP error handling for UDP-encap sockets 2024-05-17 12:15:22 -07:00
l3mdev
lapb
llc net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
mac80211 tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
mac802154 mac802154: fix llsec key resources release in mac802154_llsec_key_del 2024-03-06 21:01:26 +01:00
mctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-02-29 14:24:56 -08:00
mpls net: Remove the now superfluous sentinel elements from ctl_table array 2024-05-03 13:29:41 +01:00
mptcp net-accept-more-20240515 2024-05-18 10:32:39 -07:00
ncsi
netfilter netfilter pull request 24-05-12 2024-05-13 13:12:35 -07:00
netlabel netlabel: fix RCU annotation for IPv4 options on socket creation 2024-05-13 14:58:12 -07:00
netlink netlink: support all extack types in dumps 2024-04-23 10:09:49 -07:00
netrom net-accept-more-20240515 2024-05-18 10:32:39 -07:00
nfc Quite smaller than usual. Notably it includes the fix for the unix 2024-05-23 12:49:37 -07:00
nsh nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). 2024-04-26 12:20:01 +02:00
openvswitch Quite smaller than usual. Notably it includes the fix for the unix 2024-05-23 12:49:37 -07:00
packet af_packet: do not call packet_read_pending() from tpacket_destruct_skb() 2024-05-16 19:38:05 -07:00
phonet net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
psample ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
qrtr net: qrtr: ns: Fix module refcnt 2024-05-16 09:47:45 +01:00
rds net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
rfkill net: rfkill: gpio: Convert to platform remove callback returning void 2024-03-25 15:40:22 +01:00
rose net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
rxrpc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-05-09 10:01:01 -07:00
sched net/sched: adjust device watchdog timer to detect stopped queue at right time 2024-05-09 20:24:13 -07:00
sctp net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
smc tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
strparser
sunrpc The usual shower of singleton fixes and minor series all over MM, 2024-05-19 09:21:03 -07:00
switchdev net: bridge: switchdev: Improve error message for port_obj_add/del functions 2024-05-08 12:19:12 +01:00
tipc tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
tls tls: fix missing memory barrier in tls_init 2024-05-23 12:03:26 +02:00
unix af_unix: Read sk->sk_hash under bindlock during bind(). 2024-05-27 11:46:56 +02:00
vmw_vsock virtio: features, fixes, cleanups 2024-05-23 12:04:36 -07:00
wireless tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
x25 net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
xdp xsk: use generic DMA sync shortcut instead of a custom one 2024-05-08 08:51:20 +02:00
xfrm Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-05-09 10:01:01 -07:00
compat.c
devres.c
Kconfig net: add IEEE 802.1q specific helpers 2024-05-08 10:35:09 +01:00
Kconfig.debug
Makefile
socket.c net: have do_accept() take a struct proto_accept_arg argument 2024-05-13 18:19:19 -06:00
sysctl_net.c sysctl: treewide: constify argument ctl_table_root::permissions(table) 2024-04-24 09:43:54 +02:00