Re: git: 9b569353e0b0 - main - tcp: initialize V_ts_offset_secret for all vnets
Date: Sat, 10 Aug 2024 00:20:45 UTC
> On Aug 9, 2024, at 10:15 PM, Michael Tuexen <tuexen@FreeBSD.org> wrote: > > The branch main has been updated by tuexen: > > URL: https://cgit.FreeBSD.org/src/commit/?id=9b569353e0b073a513cf10debbe634c2ceb29fdf > > commit 9b569353e0b073a513cf10debbe634c2ceb29fdf > Author: Michael Tuexen <tuexen@FreeBSD.org> > AuthorDate: 2024-08-09 14:12:22 +0000 > Commit: Michael Tuexen <tuexen@FreeBSD.org> > CommitDate: 2024-08-09 14:12:22 +0000 > > tcp: initialize V_ts_offset_secret for all vnets > > Initialize V_ts_offset_secret for each vnet, not only for the > default vnet, since it is vnet specific. > > Reviewed by: Peter Lei > MFC after: 3 days > Sponsored by: Netflix, Inc. > Differential Revision: https://reviews.freebsd.org/D46246 > --- > sys/netinet/tcp_subr.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c > index 9e95a87b3596..9b5f2651fb35 100644 > --- a/sys/netinet/tcp_subr.c > +++ b/sys/netinet/tcp_subr.c > @@ -1465,6 +1465,7 @@ tcp_vnet_init(void *arg __unused) > VNET_PCPUSTAT_ALLOC(tcpstat, M_WAITOK); > > V_tcp_msl = TCPTV_MSL; > + arc4rand(&V_ts_offset_secret, sizeof(V_ts_offset_secret), 0); Emm, does it have any (potential) security problems if not initialized ? If yes then does it deserve an SA ? > } > VNET_SYSINIT(tcp_vnet_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_FOURTH, > tcp_vnet_init, NULL); > @@ -1502,7 +1503,6 @@ tcp_init(void *arg __unused) > /* Initialize the TCP logging data. */ > tcp_log_init(); > #endif > - arc4rand(&V_ts_offset_secret, sizeof(V_ts_offset_secret), 0); > > if (tcp_soreceive_stream) { > #ifdef INET
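Review bot: the commit message should state what V_ts_offset_secret held in non-default vnets before this change, because the arc4rand() line added at the end of tcp_vnet_init seeds a secret and is not just a cleanup. From the visible lines, the only call that filled it was the single one in tcp_init, so any vnet that tcp_init did not cover kept the variable's initial value. Saying so explicitly, and saying whether that value was predictable, would let readers judge the "MFC after: 3 days" window and the advisory question raised in this reply.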
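Review bot: the removal of arc4rand() from tcp_init makes the default vnet depend on tcp_vnet_init running for it too, and on that happening before the secret is first used. The patch shows tcp_vnet_init registered through VNET_SYSINIT at SI_SUB_PROTO_DOMAIN, SI_ORDER_FOURTH, but it does not show how tcp_init is registered. A sentence in the commit message confirming that ordering would make the move easier to verify.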