Re: git: 9b569353e0b0 - main - tcp: initialize V_ts_offset_secret for all vnets
Date: Sat, 10 Aug 2024 00:20:45 UTC
> On Aug 9, 2024, at 10:15 PM, Michael Tuexen <tuexen@FreeBSD.org> wrote:
>
> The branch main has been updated by tuexen:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=9b569353e0b073a513cf10debbe634c2ceb29fdf
>
> commit 9b569353e0b073a513cf10debbe634c2ceb29fdf
> Author: Michael Tuexen <tuexen@FreeBSD.org>
> AuthorDate: 2024-08-09 14:12:22 +0000
> Commit: Michael Tuexen <tuexen@FreeBSD.org>
> CommitDate: 2024-08-09 14:12:22 +0000
>
> tcp: initialize V_ts_offset_secret for all vnets
>
> Initialize V_ts_offset_secret for each vnet, not only for the
> default vnet, since it is vnet specific.
>
> Reviewed by: Peter Lei
> MFC after: 3 days
> Sponsored by: Netflix, Inc.
> Differential Revision: https://reviews.freebsd.org/D46246
> ---
> sys/netinet/tcp_subr.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c
> index 9e95a87b3596..9b5f2651fb35 100644
> --- a/sys/netinet/tcp_subr.c
> +++ b/sys/netinet/tcp_subr.c
> @@ -1465,6 +1465,7 @@ tcp_vnet_init(void *arg __unused)
> VNET_PCPUSTAT_ALLOC(tcpstat, M_WAITOK);
>
> V_tcp_msl = TCPTV_MSL;
> + arc4rand(&V_ts_offset_secret, sizeof(V_ts_offset_secret), 0);
Emm, does it have any (potential) security problems if not initialized? If yes, then does it deserve an SA?
> }
> VNET_SYSINIT(tcp_vnet_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_FOURTH,
> tcp_vnet_init, NULL);
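Review bot: The added `arc4rand(&V_ts_offset_secret, sizeof(V_ts_offset_secret), 0);` at the end of `tcp_vnet_init()` carries no comment saying that the secret is per-vnet state and must be seeded in the per-vnet initializer; a one-line comment there would keep a later cleanup from moving it back into `tcp_init()`. The commit message also does not say what value non-default vnets had for the secret before this change, which is the information needed to answer the impact question raised in the reply above.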
> @@ -1502,7 +1503,6 @@ tcp_init(void *arg __unused)
> /* Initialize the TCP logging data. */
> tcp_log_init();
> #endif
> - arc4rand(&V_ts_offset_secret, sizeof(V_ts_offset_secret), 0);
>
> if (tcp_soreceive_stream) {
> #ifdef INET
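Review bot: With the `arc4rand()` call removed from `tcp_init()`, the default vnet now depends on `tcp_vnet_init()` for its secret, and that function is registered at `SI_SUB_PROTO_DOMAIN`, `SI_ORDER_FOURTH`. The visible context does not show where `tcp_init()` is registered, so it is worth confirming in the review that nothing in `tcp_init()`, or anything else that runs before `tcp_vnet_init()`, reads `V_ts_offset_secret` while it is still unseeded.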