tcp: randomize tcp timestamp offsets for each connection (95a22cae) · Commits · e / devices / android_kernel_oneplus_sm7250

include/linux/tcp.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -123,6 +123,7 @@ struct tcp_request_sock {
		u32 txhash;
		u32 rcv_isn;
		u32 snt_isn;
		u32 ts_off;
		u32 last_oow_ack_time; /* last SYNACK */
		u32 rcv_nxt; /* the ack # by SYNACK. For
		* FastOpen it's the seq#

+4 −4

Original line number	Diff line number	Diff line
		@@ -6,10 +6,10 @@
		u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport);
		u32 secure_ipv6_port_ephemeral(const __be32 saddr, const __be32 daddr,
		__be16 dport);
		__u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
		__be16 sport, __be16 dport);
		__u32 secure_tcpv6_sequence_number(const __be32 saddr, const __be32 daddr,
		__be16 sport, __be16 dport);
		u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
		__be16 sport, __be16 dport, u32 *tsoff);
		u32 secure_tcpv6_sequence_number(const __be32 saddr, const __be32 daddr,
		__be16 sport, __be16 dport, u32 *tsoff);
		u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,
		__be16 sport, __be16 dport);
		u64 secure_dccpv6_sequence_number(__be32 saddr, __be32 daddr,

+1 −1

Original line number	Diff line number	Diff line
		@@ -1827,7 +1827,7 @@ struct tcp_request_sock_ops {
		struct dst_entry (route_req)(const struct sock sk, struct flowi fl,
		const struct request_sock *req,
		bool *strict);
		__u32 (init_seq)(const struct sk_buff skb);
		__u32 (init_seq)(const struct sk_buff skb, u32 *tsoff);
		int (send_synack)(const struct sock sk, struct dst_entry *dst,
		struct flowi fl, struct request_sock req,
		struct tcp_fastopen_cookie *foc,

+6 −4

Original line number	Diff line number	Diff line
		@@ -40,8 +40,8 @@ static u32 seq_scale(u32 seq)
		#endif

		#if IS_ENABLED(CONFIG_IPV6)
		__u32 secure_tcpv6_sequence_number(const __be32 saddr, const __be32 daddr,
		__be16 sport, __be16 dport)
		u32 secure_tcpv6_sequence_number(const __be32 saddr, const __be32 daddr,
		__be16 sport, __be16 dport, u32 *tsoff)
		{
		u32 secret[MD5_MESSAGE_BYTES / 4];
		u32 hash[MD5_DIGEST_WORDS];
		@@ -58,6 +58,7 @@ __u32 secure_tcpv6_sequence_number(const __be32 saddr, const __be32 daddr,

		md5_transform(hash, secret);

		*tsoff = hash[1];
		return seq_scale(hash[0]);
		}
		EXPORT_SYMBOL(secure_tcpv6_sequence_number);
		@@ -86,8 +87,8 @@ EXPORT_SYMBOL(secure_ipv6_port_ephemeral);

		#ifdef CONFIG_INET

		__u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
		__be16 sport, __be16 dport)
		u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
		__be16 sport, __be16 dport, u32 *tsoff)
		{
		u32 hash[MD5_DIGEST_WORDS];

		@@ -99,6 +100,7 @@ __u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,

		md5_transform(hash, net_secret);

		*tsoff = hash[1];
		return seq_scale(hash[0]);
		}

+1 −0

Original line number	Diff line number	Diff line
		@@ -334,6 +334,7 @@ struct sock cookie_v4_check(struct sock sk, struct sk_buff *skb)
		treq = tcp_rsk(req);
		treq->rcv_isn = ntohl(th->seq) - 1;
		treq->snt_isn = cookie;
		treq->ts_off = 0;
		req->mss = mss;
		ireq->ir_num = ntohs(th->dest);
		ireq->ir_rmt_port = th->source;