aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGerrit Renker <gerrit@erg.abdn.ac.uk>2010-10-11 14:35:40 -0400
committerGerrit Renker <gerrit@erg.abdn.ac.uk>2010-10-12 00:57:40 -0400
commit0b53d4604ac2b4f2faa9a62a04ea9b383ad2efe0 (patch)
tree70ed0d136ef719f33655f78b31650d1c88cd3e00
parent0ed8ddf4045fcfcac36bad753dc4046118c603ec (diff)
dccp: fix the adjustments to AWL and SWL
This fixes a problem and a potential loophole with regard to seqno/ackno validity: currently the initial adjustments to AWL/SWL are only performed once at the begin of the connection, during the handshake. Since the Sequence Window feature is always greater than Wmin=32 (7.5.2), it is however necessary to perform these adjustments at least for the first W/W' (variables as per 7.5.1) packets in the lifetime of a connection. This requirement is complicated by the fact that W/W' can change at any time during the lifetime of a connection. Therefore it is better to perform that safety check each time SWL/AWL are updated, as implemented by the patch. A second problem solved by this patch is that the remote/local Sequence Window feature values (which set the bounds for AWL/SWL/SWH) are undefined until the feature negotiation has completed. During the initial handshake we have more stringent sequence number protection; the changes added by this patch effect that {A,S}W{L,H} are within the correct bounds at the instant that feature negotiation completes (since the SeqWin feature activation handlers call dccp_update_gsr/gss()). Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
-rw-r--r--net/dccp/dccp.h20
-rw-r--r--net/dccp/input.c18
-rw-r--r--net/dccp/minisocks.c30
3 files changed, 35 insertions, 33 deletions
diff --git a/net/dccp/dccp.h b/net/dccp/dccp.h
index 019d6ffee354..e051c774ef5c 100644
--- a/net/dccp/dccp.h
+++ b/net/dccp/dccp.h
@@ -414,6 +414,23 @@ static inline void dccp_update_gsr(struct sock *sk, u64 seq)
414 dp->dccps_gsr = seq; 414 dp->dccps_gsr = seq;
415 /* Sequence validity window depends on remote Sequence Window (7.5.1) */ 415 /* Sequence validity window depends on remote Sequence Window (7.5.1) */
416 dp->dccps_swl = SUB48(ADD48(dp->dccps_gsr, 1), dp->dccps_r_seq_win / 4); 416 dp->dccps_swl = SUB48(ADD48(dp->dccps_gsr, 1), dp->dccps_r_seq_win / 4);
417 /*
418 * Adjust SWL so that it is not below ISR. In contrast to RFC 4340,
419 * 7.5.1 we perform this check beyond the initial handshake: W/W' are
420 * always > 32, so for the first W/W' packets in the lifetime of a
421 * connection we always have to adjust SWL.
422 * A second reason why we are doing this is that the window depends on
423 * the feature-remote value of Sequence Window: nothing stops the peer
424 * from updating this value while we are busy adjusting SWL for the
425 * first W packets (we would have to count from scratch again then).
426 * Therefore it is safer to always make sure that the Sequence Window
427 * is not artificially extended by a peer who grows SWL downwards by
428 * continually updating the feature-remote Sequence-Window.
429 * If sequence numbers wrap it is bad luck. But that will take a while
430 * (48 bit), and this measure prevents Sequence-number attacks.
431 */
432 if (before48(dp->dccps_swl, dp->dccps_isr))
433 dp->dccps_swl = dp->dccps_isr;
417 dp->dccps_swh = ADD48(dp->dccps_gsr, (3 * dp->dccps_r_seq_win) / 4); 434 dp->dccps_swh = ADD48(dp->dccps_gsr, (3 * dp->dccps_r_seq_win) / 4);
418} 435}
419 436
@@ -424,6 +441,9 @@ static inline void dccp_update_gss(struct sock *sk, u64 seq)
424 dp->dccps_gss = seq; 441 dp->dccps_gss = seq;
425 /* Ack validity window depends on local Sequence Window value (7.5.1) */ 442 /* Ack validity window depends on local Sequence Window value (7.5.1) */
426 dp->dccps_awl = SUB48(ADD48(dp->dccps_gss, 1), dp->dccps_l_seq_win); 443 dp->dccps_awl = SUB48(ADD48(dp->dccps_gss, 1), dp->dccps_l_seq_win);
444 /* Adjust AWL so that it is not below ISS - see comment above for SWL */
445 if (before48(dp->dccps_awl, dp->dccps_iss))
446 dp->dccps_awl = dp->dccps_iss;
427 dp->dccps_awh = dp->dccps_gss; 447 dp->dccps_awh = dp->dccps_gss;
428} 448}
429 449
diff --git a/net/dccp/input.c b/net/dccp/input.c
index 10c957a88f4f..aecc8c7443c2 100644
--- a/net/dccp/input.c
+++ b/net/dccp/input.c
@@ -441,20 +441,14 @@ static int dccp_rcv_request_sent_state_process(struct sock *sk,
441 kfree_skb(sk->sk_send_head); 441 kfree_skb(sk->sk_send_head);
442 sk->sk_send_head = NULL; 442 sk->sk_send_head = NULL;
443 443
444 dp->dccps_isr = DCCP_SKB_CB(skb)->dccpd_seq;
445 dccp_update_gsr(sk, dp->dccps_isr);
446 /* 444 /*
447 * SWL and AWL are initially adjusted so that they are not less than 445 * Set ISR, GSR from packet. ISS was set in dccp_v{4,6}_connect
448 * the initial Sequence Numbers received and sent, respectively: 446 * and GSS in dccp_transmit_skb(). Setting AWL/AWH and SWL/SWH
449 * SWL := max(GSR + 1 - floor(W/4), ISR), 447 * is done as part of activating the feature values below, since
450 * AWL := max(GSS - W' + 1, ISS). 448 * these settings depend on the local/remote Sequence Window
451 * These adjustments MUST be applied only at the beginning of the 449 * features, which were undefined or not confirmed until now.
452 * connection.
453 *
454 * AWL was adjusted in dccp_v4_connect -acme
455 */ 450 */
456 dccp_set_seqno(&dp->dccps_swl, 451 dp->dccps_gsr = dp->dccps_isr = DCCP_SKB_CB(skb)->dccpd_seq;
457 max48(dp->dccps_swl, dp->dccps_isr));
458 452
459 dccp_sync_mss(sk, icsk->icsk_pmtu_cookie); 453 dccp_sync_mss(sk, icsk->icsk_pmtu_cookie);
460 454
diff --git a/net/dccp/minisocks.c b/net/dccp/minisocks.c
index 128b089d3aef..d7041a0963af 100644
--- a/net/dccp/minisocks.c
+++ b/net/dccp/minisocks.c
@@ -121,30 +121,18 @@ struct sock *dccp_create_openreq_child(struct sock *sk,
121 * 121 *
122 * Choose S.ISS (initial seqno) or set from Init Cookies 122 * Choose S.ISS (initial seqno) or set from Init Cookies
123 * Initialize S.GAR := S.ISS 123 * Initialize S.GAR := S.ISS
124 * Set S.ISR, S.GSR, S.SWL, S.SWH from packet or Init Cookies 124 * Set S.ISR, S.GSR from packet (or Init Cookies)
125 */ 125 *
126 newdp->dccps_gar = newdp->dccps_iss = dreq->dreq_iss; 126 * Setting AWL/AWH and SWL/SWH happens as part of the feature
127 dccp_update_gss(newsk, dreq->dreq_iss); 127 * activation below, as these windows all depend on the local
128 128 * and remote Sequence Window feature values (7.5.2).
129 newdp->dccps_isr = dreq->dreq_isr;
130 dccp_update_gsr(newsk, dreq->dreq_isr);
131
132 /*
133 * SWL and AWL are initially adjusted so that they are not less than
134 * the initial Sequence Numbers received and sent, respectively:
135 * SWL := max(GSR + 1 - floor(W/4), ISR),
136 * AWL := max(GSS - W' + 1, ISS).
137 * These adjustments MUST be applied only at the beginning of the
138 * connection.
139 */ 129 */
140 dccp_set_seqno(&newdp->dccps_swl, 130 newdp->dccps_gss = newdp->dccps_iss = dreq->dreq_iss;
141 max48(newdp->dccps_swl, newdp->dccps_isr)); 131 newdp->dccps_gar = newdp->dccps_iss;
142 dccp_set_seqno(&newdp->dccps_awl, 132 newdp->dccps_gsr = newdp->dccps_isr = dreq->dreq_isr;
143 max48(newdp->dccps_awl, newdp->dccps_iss));
144 133
145 /* 134 /*
146 * Activate features after initialising the sequence numbers, 135 * Activate features: initialise CCIDs, sequence windows etc.
147 * since CCID initialisation may depend on GSS, ISR, ISS etc.
148 */ 136 */
149 if (dccp_feat_activate_values(newsk, &dreq->dreq_featneg)) { 137 if (dccp_feat_activate_values(newsk, &dreq->dreq_featneg)) {
150 /* It is still raw copy of parent, so invalidate 138 /* It is still raw copy of parent, so invalidate