github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 23:23:53 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
0671b3017c
linux/include
History
Eric Dumazet ef81bb40bf ipv6: make fragment identifications less predictable 
[ Backport of upstream commit 87c48fa3b4 ]

Fernando Gont reported current IPv6 fragment identification generation
was not secure, because using a very predictable system-wide generator,
allowing various attacks.

IPv4 uses inetpeer cache to address this problem and to get good
performance. We'll use this mechanism when IPv6 inetpeer is stable
enough in linux-3.1

For the time being, we use jhash on destination address to provide less
predictable identifications. Also remove a spinlock and use cmpxchg() to
get better SMP performance.

Reported-by: Fernando Gont <fernando@gont.com.ar>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2011-08-15 18:31:37 -07:00
..
acpi Merge branches 'd3cold', 'bugzilla-37412' and 'bugzilla-38152' into release 2011-07-14 00:16:38 -04:00
asm-generic Merge branches 'gpio/merge' and 'spi/merge' of git://git.secretlab.ca/git/linux-2.6 2011-06-17 10:36:32 -07:00
crypto
drm drm/i915: Fix typo in DRM_I915_OVERLAY_PUT_IMAGE ioctl define 2011-08-15 18:31:35 -07:00
keys libceph: Create a new key type "ceph". 2011-03-29 12:11:24 -07:00
linux net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-15 18:31:35 -07:00
math-emu
media [media] tuner-core/v4l2-subdev: document that the type field has to be filled in 2011-07-07 15:04:23 -03:00
mtd UBI: fix minor stylistic issues 2011-04-14 11:34:41 +03:00
net ipv6: make fragment identifications less predictable 2011-08-15 18:31:37 -07:00
pcmcia pcmcia: Make declaration and uses of struct pcmcia_device_id const 2011-05-06 07:46:15 +02:00
rdma Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband 2011-05-26 12:13:57 -07:00
rxrpc Fix common misspellings 2011-03-31 11:26:23 -03:00
scsi [SCSI] libsas: Add option for SATA soft reset 2011-05-26 22:49:33 -05:00
sound ALSA: sb16 - Fix build errors on MIPS and others with 13bit ioctl size 2011-06-30 15:33:57 +02:00
target [SCSI] target: Convert REPORT_LUNs to use int_to_scsilun 2011-05-24 13:02:42 -04:00
trace Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 2011-06-21 10:22:35 -07:00
video Merge branches 'common/fbdev' and 'common/fbdev-meram' of master.kernel.org:/pub/scm/linux/kernel/git/lethal/sh-2.6 2011-05-24 15:49:57 +09:00
xen xen: allow enable use of VGA console on dom0 2011-08-15 18:31:34 -07:00
Kbuild