Eric Dumazet a2ce901263 inet: switch IP ID generator to siphash ... commit df453700e8d81b1bdafdf684365ee2b9431fb702 upstream. According to Amit Klein and Benny Pinkas, IP ID generation is too weak and might be used by attackers. Even with recent net_hash_mix() fix (netns: provide pure entropy for net_hash_mix()) having 64bit key and Jenkins hash is risky. It is time to switch to siphash and its 128bit keys. Signed-off-by: Eric Dumazet <edumazet@google.com> Reported-by: Amit Klein <aksecurity@gmail.com> Reported-by: Benny Pinkas <benny@pinkas.net> Signed-off-by: David S. Miller <davem@davemloft.net> [bwh: Backported to 4.4: adjust context] Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk> Signed-off-by: Sasha Levin <sashal@kernel.org>		2020-04-06 21:32:45 +02:00
..
conntrack.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
core.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
dccp.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
generic.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
hash.h	netns: provide pure entropy for net_hash_mix()	2020-04-06 15:08:06 +02:00
ieee802154_6lowpan.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
ipv4.h	inet: switch IP ID generator to siphash	2020-04-06 21:32:45 +02:00
ipv6.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
mib.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
mpls.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
mptcp.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
netfilter.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
nftables.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
packet.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
sctp.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
unix.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
x_tables.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30
xfrm.h	A750FXXU4CTBC	2020-03-27 21:51:54 +05:30