[PATCH V4 net 1/2] net: remove unnecessary rotation

[PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Shaohua Li <shli@kernel.org> · 2017-07-31
[PATCH V4 net 2/2] net: fix tcp reset packet flowlabel for ipv6 · Shaohua Li <shli@kernel.org> · 2017-07-31
Re: [PATCH V4 net 2/2] net: fix tcp reset packet flowlabel for ipv6 · Cong Wang <hidden> · 2017-07-31
Re: [PATCH V4 net 2/2] net: fix tcp reset packet flowlabel for ipv6 · Shaohua Li <shli@kernel.org> · 2017-07-31
Re: [PATCH V4 net 2/2] net: fix tcp reset packet flowlabel for ipv6 · Cong Wang <hidden> · 2017-08-01
Re: [PATCH V4 net 2/2] net: fix tcp reset packet flowlabel for ipv6 · Shaohua Li <shli@kernel.org> · 2017-08-01
Re: [PATCH V4 net 2/2] net: fix tcp reset packet flowlabel for ipv6 · Cong Wang <hidden> · 2017-08-03
[PATCH V4 net 1/2] net: remove unnecessary rotation · Shaohua Li <shli@kernel.org> · 2017-07-31
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Shaohua Li <shli@kernel.org> · 2017-08-09
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · David Miller <davem@davemloft.net> · 2017-08-09
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Tom Herbert <hidden> · 2017-08-09
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Shaohua Li <shli@kernel.org> · 2017-08-10
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Tom Herbert <hidden> · 2017-08-10
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Shaohua Li <shli@kernel.org> · 2017-08-10
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Tom Herbert <hidden> · 2017-08-12
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Shaohua Li <shli@kernel.org> · 2017-08-15
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Tom Herbert <hidden> · 2017-08-15
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Shaohua Li <shli@kernel.org> · 2017-08-15
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Tom Herbert <hidden> · 2017-08-16
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Shaohua Li <shli@kernel.org> · 2017-08-17
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Tom Herbert <hidden> · 2017-08-17
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Martin KaFai Lau <hidden> · 2017-08-17
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Tom Herbert <hidden> · 2017-08-18
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Martin KaFai Lau <hidden> · 2017-08-18
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · David Miller <davem@davemloft.net> · 2017-08-18
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Tom Herbert <hidden> · 2017-11-08
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Tom Herbert <hidden> · 2017-11-08
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Martin KaFai Lau <hidden> · 2017-11-08
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Shaohua Li <shli@kernel.org> · 2017-11-14
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Tom Herbert <hidden> · 2017-11-14
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Shaohua Li <shli@kernel.org> · 2017-11-14
Re: [PATCH V4 net 0/2] ipv6: fix flowlabel issue for reset packet · Martin KaFai Lau <hidden> · 2017-11-15

Lifecycle

2017-07-31 22:19 Posted Shaohua Li <shli@kernel.org>
2017-07-31 22:19 Suggested-by David Miller

From: Shaohua Li <shli@kernel.org>
Date: 2017-07-31 22:19:27
Subsystem: networking [general], networking [ipv4/ipv6], the rest · Maintainers: "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, David Ahern, Ido Schimmel, Linus Torvalds

From: Shaohua Li <redacted>

According to David Miller, the rotation doesn't really help avoid
security problem, so delte it.

Suggested-by: David Miller <davem@davemloft.net>
Signed-off-by: Shaohua Li <redacted>
---
 include/net/ipv6.h | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index 6eac5cf..7548367 100644
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h

@@ -790,12 +790,6 @@ static inline __be32 ip6_make_flowlabel(struct net *net, struct sk_buff *skb,
 
 	hash = skb_get_hash_flowi6(skb, fl6);
 
-	/* Since this is being sent on the wire obfuscate hash a bit
-	 * to minimize possbility that any useful information to an
-	 * attacker is leaked. Only lower 20 bits are relevant.
-	 */
-	rol32(hash, 16);
-
 	flowlabel = (__force __be32)hash & IPV6_FLOWLABEL_MASK;
 
 	if (net->ipv6.sysctl.flowlabel_state_ranges)

-- 
2.9.3

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help