{
  "commit": "07cf4e8ddac7203a9c8dfcf7cf978a9d95ce1112",
  "tree": "4a73b5a8156b08ccd211260fc05576db31f5646e",
  "parents": [
    "0ccf51399d55963b2a5d0a86468885c8efb9e7a4"
  ],
  "author": {
    "name": "Eric Dumazet",
    "email": "edumazet@google.com",
    "time": "Wed Jan 26 17:10:21 2022 -0800"
  },
  "committer": {
    "name": "Greg Kroah-Hartman",
    "email": "gregkh@linuxfoundation.org",
    "time": "Thu Feb 03 09:27:53 2022 +0100"
  },
  "message": "ipv4: tcp: send zero IPID in SYNACK messages\n\n[ Upstream commit 970a5a3ea86da637471d3cd04d513a0755aba4bf ]\n\nIn commit 431280eebed9 (\"ipv4: tcp: send zero IPID for RST and\nACK sent in SYN-RECV and TIME-WAIT state\") we took care of some\nctl packets sent by TCP.\n\nIt turns out we need to use a similar strategy for SYNACK packets.\n\nBy default, they carry IP_DF and IPID\u003d\u003d0, but there are ways\nto ask them to use the hashed IP ident generator and thus\nbe used to build off-path attacks.\n(Ref: Off-Path TCP Exploits of the Mixed IPID Assignment)\n\nOne of these ways is to force (before listener is started)\necho 1 \u003e/proc/sys/net/ipv4/ip_no_pmtu_disc\n\nAnother way is using forged ICMP ICMP_FRAG_NEEDED\nwith a very small MTU (like 68) to force a false return from\nip_dont_fragment()\n\nIn this patch, ip_build_and_send_pkt() uses the following\nheuristics.\n\n1) Most SYNACK packets are smaller than IPV4_MIN_MTU and therefore\ncan use IP_DF regardless of the listener or route pmtu setting.\n\n2) In case the SYNACK packet is bigger than IPV4_MIN_MTU,\nwe use prandom_u32() generator instead of the IPv4 hashed ident one.\n\nFixes: 1da177e4c3f4 (\"Linux-2.6.12-rc2\")\nSigned-off-by: Eric Dumazet \u003cedumazet@google.com\u003e\nReported-by: Ray Che \u003cxijiache@gmail.com\u003e\nReviewed-by: David Ahern \u003cdsahern@kernel.org\u003e\nCc: Geoff Alexander \u003calexandg@cs.unm.edu\u003e\nCc: Willy Tarreau \u003cw@1wt.eu\u003e\nSigned-off-by: Jakub Kicinski \u003ckuba@kernel.org\u003e\nSigned-off-by: Sasha Levin \u003csashal@kernel.org\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "477540b3d3207731db82e802b79bc60b3b3597a2",
      "old_mode": 33188,
      "old_path": "net/ipv4/ip_output.c",
      "new_id": "efd4410a735874e5629fdb8de19de8eb955f4335",
      "new_mode": 33188,
      "new_path": "net/ipv4/ip_output.c"
    }
  ]
}
