upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-02-18 18:20:26 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys/netinet6
History
Michael Tuexen ccd9c1ef4e icmp: use per rate limit randomized jitter 
Using the same random jitter for multiple rate limits allows an
attacker to use one rate limiter to figure out the current jitter
and then use this knowledge to de-randomize the other rate limiters.
This can be mitigated by using a separate randomized jitter for each
rate limiter.
This issue was reported as issue number 10 in Keyu Man et al.:
SCAD: Towards a Universal and Automated Network Side-Channel
Vulnerability Detection

Reviewed by:		rrs, Peter Lei, glebius
Sponsored by:		Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D48804

(cherry picked from commit 923c223f27e792e51ca13c476428adbbf6887551)
2025-02-12 11:04:10 +01:00
..
dest6.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
frag6.c frag6: Add another use of frag6_rmqueue() 2024-01-11 09:22:14 -05:00
icmp6.c icmp: use per rate limit randomized jitter 2025-02-12 11:04:10 +01:00
icmp6.h sys: Remove $FreeBSD$: one-line .c comment pattern 2023-08-16 11:54:24 -06:00
in6.c in6: Constify some sockaddr conversion functions 2024-11-22 21:23:47 +00:00
in6.h in6: Constify some sockaddr conversion functions 2024-11-22 21:23:47 +00:00
in6_cksum.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_fib.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_fib.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
in6_fib_algo.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_gif.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_ifattach.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_ifattach.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
in6_jail.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_mcast.c netinet: Remove stale references to Giant from comments 2024-02-03 14:10:36 -05:00
in6_pcb.c inpcb: Further restrict binding to a port owned by a different UID 2025-01-23 13:58:07 +00:00
in6_pcb.h inpcb: Constify address parameters to in6 pcb lookup routines 2024-11-22 21:23:47 +00:00
in6_proto.c icmp6: move ICMPv6 related tunables to the files where they are used 2024-06-26 12:48:44 +08:00
in6_rmx.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_rss.c sys: Remove $FreeBSD$: two-line .c pattern 2023-08-16 11:54:30 -06:00
in6_rss.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
in6_src.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
in6_var.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
ip6.h sys: Remove $FreeBSD$: one-line .c comment pattern 2023-08-16 11:54:24 -06:00
ip6_ecn.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
ip6_fastfwd.c ip: Defer checks for an unspecified dstaddr until after pfil hooks 2025-01-31 19:18:01 +00:00
ip6_forward.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
ip6_gre.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
ip6_id.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
ip6_input.c ip: Defer checks for an unspecified dstaddr until after pfil hooks 2025-01-31 19:18:01 +00:00
ip6_mroute.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
ip6_mroute.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
ip6_output.c ipsec + ktls: cannot coexists 2025-01-20 04:40:09 +02:00
ip6_var.h icmp6: move ICMPv6 related tunables to the files where they are used 2024-06-26 12:48:44 +08:00
ip_fw_nat64.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
ip_fw_nptv6.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
mld6.c sys: Use mbufq_empty instead of comparing mbufq_len against 0 2024-01-18 14:37:29 -08:00
mld6.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
mld6_var.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
nd6.c nd6: Fix the routing table subscription 2024-08-08 19:09:26 +00:00
nd6.h icmp6: move ICMPv6 related tunables to the files where they are used 2024-06-26 12:48:44 +08:00
nd6_nbr.c icmp6: move ICMPv6 related tunables to the files where they are used 2024-06-26 12:48:44 +08:00
nd6_rtr.c icmp6: move ICMPv6 related tunables to the files where they are used 2024-06-26 12:48:44 +08:00
pim6.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
pim6_var.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
raw_ip6.c inpcb: reoder inpcb destruction 2024-01-08 16:29:38 -08:00
raw_ip6.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
route6.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
scope6.c netinet6: Fix two typos in source code comments 2024-01-25 07:46:35 +01:00
scope6_var.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
sctp6_usrreq.c sctp(4): Fix typos in source code comments 2024-08-12 14:51:29 +02:00
sctp6_var.h sctp: cleanup cdefs.h include 2023-08-18 15:25:34 +02:00
send.c sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
send.h sys: Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:11 -06:00
tcp6_var.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00
udp6_usrreq.c udplite: make socketoption available on IPv6 sockets 2024-01-10 20:22:52 -05:00
udp6_var.h sys: Remove $FreeBSD$: one-line .h pattern 2023-08-16 11:54:18 -06:00