icmp: randomize the global rate limiter
[ Upstream commit b38e7819 ] Keyu Man reported that the ICMP rate limiter could be used by attackers to get useful signal. Details will be provided in an upcoming academic publication. Our solution is to add some noise, so that the attackers no longer can get help from the predictable token bucket limiter. Fixes: 4cdf507d ("icmp: add a global rate limitation") Signed-off-by:Eric Dumazet <edumazet@google.com> Reported-by:
Keyu Man <kman001@ucr.edu> Signed-off-by:
Jakub Kicinski <kuba@kernel.org> Signed-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org> Change-Id: Id3e0cdd058acc548198869e013d32780174d1ff4 Git-commit: d6c55250 Git-repo: https://android.googlesource.com/kernel/msm Signed-off-by:
urevanth <urevanth@codeaurora.org>
Loading
Please sign in to comment