git.kernel.dk Git - linux-2.6-block.git/commit

author	Dmitry Safonov <dima@arista.com>
	Mon, 23 Oct 2023 19:22:08 +0000 (20:22 +0100)
committer	David S. Miller <davem@davemloft.net>
	Fri, 27 Oct 2023 09:35:45 +0000 (10:35 +0100)
commit	953af8e3acb68d2db11937cec3bc5da31de5c12e
tree	2c56c02d543050285dd073b65827682066114e26	tree \| snapshot
parent	2717b5adea9e2558798c30eb0e93c01722edbb0a	commit \| diff

net/tcp: Ignore specific ICMPs for TCP-AO connections

Similarly to IPsec, RFC5925 prescribes:
  ">> A TCP-AO implementation MUST default to ignore incoming ICMPv4
  messages of Type 3 (destination unreachable), Codes 2-4 (protocol
  unreachable, port unreachable, and fragmentation needed -- ’hard
  errors’), and ICMPv6 Type 1 (destination unreachable), Code 1
  (administratively prohibited) and Code 4 (port unreachable) intended
  for connections in synchronized states (ESTABLISHED, FIN-WAIT-1, FIN-
  WAIT-2, CLOSE-WAIT, CLOSING, LAST-ACK, TIME-WAIT) that match MKTs."

A selftest (later in patch series) verifies that this attack is not
possible in this TCP-AO implementation.

Co-developed-by: Francesco Ruggeri <fruggeri@arista.com>
Signed-off-by: Francesco Ruggeri <fruggeri@arista.com>
Co-developed-by: Salam Noureddine <noureddine@arista.com>
Signed-off-by: Salam Noureddine <noureddine@arista.com>
Signed-off-by: Dmitry Safonov <dima@arista.com>
Acked-by: David Ahern <dsahern@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/tcp_ao.h		diff \| blob \| blame \| history
include/uapi/linux/snmp.h		diff \| blob \| blame \| history
include/uapi/linux/tcp.h		diff \| blob \| blame \| history
net/ipv4/proc.c		diff \| blob \| blame \| history
net/ipv4/tcp_ao.c		diff \| blob \| blame \| history
net/ipv4/tcp_ipv4.c		diff \| blob \| blame \| history
net/ipv6/tcp_ipv6.c		diff \| blob \| blame \| history