opnsense-src/sys/netinet6
Michael Tuexen 923c223f27 icmp: use per rate limit randomized jitter
Using the same random jitter for multiple rate limits allows an
attacker to use one rate limiter to figure out the current jitter
and then use this knowledge to de-randomize the other rate limiters.
This can be mitigated by using a separate randomized jitter for each
rate limiter.
This issue was reported as issue number 10 in Keyu Man et al.:
SCAD: Towards a Universal and Automated Network Side-Channel
Vulnerability Detection

Reviewed by:		rrs, Peter Lei, glebius
MFC after:		3 days
Sponsored by:		Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D48804
2025-02-10 22:16:20 +01:00
dest6.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
frag6.c frag6: Add another use of frag6_rmqueue() 2024-01-04 08:39:52 -05:00
icmp6.c icmp: use per rate limit randomized jitter 2025-02-10 22:16:20 +01:00
icmp6.h sys: Remove $FreeBSD$: one-line .c comment pattern 2023-08-16 11:54:24 -06:00
in6.c in6: Constify some sockaddr conversion functions 2024-11-14 19:59:04 +00:00
in6.h in6: Constify some sockaddr conversion functions 2024-11-14 19:59:04 +00:00
in6_cksum.c sys: Automated cleanup of cdefs and other formatting 2023-11-26 22:24:00 -07:00
in6_fib.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_fib.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
in6_fib_algo.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_gif.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_ifattach.c sys: Automated cleanup of cdefs and other formatting 2023-11-26 22:24:00 -07:00
in6_ifattach.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
in6_jail.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_mcast.c netinet: Remove stale references to Giant from comments 2024-01-27 13:51:13 -05:00
in6_pcb.c inpcb: Add FIB-aware inpcb lookup 2025-02-06 14:14:39 +00:00
in6_pcb.h inpcb: Add FIB-aware inpcb lookup 2025-02-06 14:14:39 +00:00
in6_proto.c icmp6: move ICMPv6 related tunables to the files where they are used 2024-03-24 09:13:23 -07:00
in6_rmx.c in6_rmx: remove unnecessary socketvar.h 2024-05-07 14:15:56 -07:00
in6_rss.c sys: Remove $FreeBSD$: two-line .c pattern 2023-08-16 11:54:30 -06:00
in6_rss.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
in6_src.c netinet: add a probe point for IP, IP6, ICMP, ICMP6, UDP and TCP stats counters 2024-04-08 17:29:59 +02:00
in6_var.h in6_var.h: make struct in6_ifaddr declaration searchable with grep(1) 2024-12-09 08:18:56 -08:00
ip6.h sys: Remove $FreeBSD$: one-line .c comment pattern 2023-08-16 11:54:24 -06:00
ip6_ecn.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
ip6_fastfwd.c ip: Defer checks for an unspecified dstaddr until after pfil hooks 2025-01-16 16:45:16 +00:00
ip6_forward.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
ip6_gre.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
ip6_id.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
ip6_input.c ip: Defer checks for an unspecified dstaddr until after pfil hooks 2025-01-16 16:45:16 +00:00
ip6_mroute.c netinet*: Add assertions for some places that don't support M_EXTPG mbufs 2024-10-31 16:32:32 -04:00
ip6_mroute.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
ip6_output.c socket: Move SO_SETFIB handling to protocol layers 2025-02-06 14:16:21 +00:00
ip6_var.h netinet: add a probe point for IP, IP6, ICMP, ICMP6, UDP and TCP stats counters 2024-04-08 17:29:59 +02:00
ip_fw_nat64.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
ip_fw_nptv6.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
mld6.c netinet: add a probe point for IP, IP6, ICMP, ICMP6, UDP and TCP stats counters 2024-04-08 17:29:59 +02:00
mld6.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
mld6_var.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
nd6.c inet6: add the missing lock acquire to nd6_get_llentry 2025-02-10 14:27:37 +00:00
nd6.h icmp6: move ICMPv6 related tunables to the files where they are used 2024-03-24 09:13:23 -07:00
nd6_nbr.c netinet: add a probe point for IP, IP6, ICMP, ICMP6, UDP and TCP stats counters 2024-04-08 17:29:59 +02:00
nd6_rtr.c icmp6: move ICMPv6 related tunables to the files where they are used 2024-03-24 09:13:23 -07:00
pim6.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
pim6_var.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
raw_ip6.c rawip: Add a bind_all_fibs sysctl 2025-02-06 14:16:36 +00:00
raw_ip6.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
route6.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
scope6.c netinet6: Fix two typos in source code comments 2024-01-22 21:48:34 +01:00
scope6_var.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
sctp6_usrreq.c sctp: don't specify pr_poll = sopoll_generic 2025-02-02 22:38:18 -08:00
sctp6_var.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
send.c sys: Automated cleanup of cdefs and other formatting 2023-11-26 22:24:00 -07:00
send.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
tcp6_var.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00
udp6_usrreq.c udp: Add a sysctl to modify listening socket FIB inheritance 2025-02-06 14:15:41 +00:00
udp6_var.h sys: Remove ancient SCCS tags. 2023-11-26 22:23:30 -07:00