tcp: secure_seq: add back ports to TS offset - kernel - Hosts the 0x221E linux distro kernel.

diff options

author	Eric Dumazet <edumazet@google.com>	2026-03-02 20:55:27 +0000
committer	Sasha Levin <sashal@kernel.org>	2026-03-12 07:09:56 -0400
commit	46e5b0d7cf55821527adea471ffe52a5afbd9caf (patch)
tree	2fbc0b9796a9e688bb9d590990e7c5b946428fc1 /tools/perf/scripts/python
parent	c69df4e0524f8de8e176ba389acd83e85f5f49d0 (diff)

tcp: secure_seq: add back ports to TS offset

[ Upstream commit 165573e41f2f66ef98940cf65f838b2cb575d9d1 ] This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets") tcp_tw_recycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie side-channel that can be fixed in multiple ways. One of them is to bring back TCP ports in TS offset randomization. As a bonus, we perform a single siphash() computation to provide both an ISN and a TS offset. Fixes: 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets") Reported-by: Zhouyan Deng <dengzhouyan_nwpu@163.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Reviewed-by: Kuniyuki Iwashima <kuniyu@google.com> Acked-by: Florian Westphal <fw@strlen.de> Link: https://patch.msgid.link/20260302205527.1982836-1-edumazet@google.com Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org>

Diffstat (limited to 'tools/perf/scripts/python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: