ipv6: make fragment identifications less predictable

IPv6 fragment identification generation is way beyond what we use for IPv4 : It uses a single generator. Its not scalable and allows DOS attacks. Now inetpeer is IPv6 aware, we can use it to provide a more secure and scalable frag ident generator (per destination, instead of system wide) This patch : 1) defines a new secure_ipv6_id() helper 2) extends inet_getid() to provide 32bit results 3) extends ipv6_select_ident() with a new dest parameter Reported-by: Fernando Gont <fernando@gont.com.ar> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2025-06-17 20:25:19 +00:00 · 2011-07-21 21:25:58 -07:00 · 2011-07-21 21:25:58 -07:00 · 87c48fa3b4
commit 87c48fa3b4
parent 21efcfa0ff
7 changed files with 64 additions and 22 deletions
--- a/include/net/inetpeer.h
+++ b/include/net/inetpeer.h
@ -71,7 +71,7 @@ static inline bool inet_metrics_new(const struct inet_peer *p)
 }

 /* can be called with or without local BH being disabled */
-struct inet_peer	*inet_getpeer(struct inetpeer_addr *daddr, int create);
+struct inet_peer	*inet_getpeer(const struct inetpeer_addr *daddr, int create);

 static inline struct inet_peer *inet_getpeer_v4(__be32 v4daddr, int create)
 {
@ -106,11 +106,18 @@ static inline void inet_peer_refcheck(const struct inet_peer *p)


 /* can be called with or without local BH being disabled */
-static inline __u16	inet_getid(struct inet_peer *p, int more)
+static inline int inet_getid(struct inet_peer *p, int more)
 {
+	int old, new;
 	more++;
 	inet_peer_refcheck(p);
-	return atomic_add_return(more, &p->ip_id_count) - more;
+	do {
+		old = atomic_read(&p->ip_id_count);
+		new = old + more;
+		if (!new)
+			new = 1;
+	} while (atomic_cmpxchg(&p->ip_id_count, old, new) != old);
+	return new;
 }

 #endif /* _NET_INETPEER_H */