7 жил өмнө · dd000598a3
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -1555,7 +1555,7 @@ void tcp_fastopen_add_skb(struct sock *sk, struct sk_buff *skb);
 
															 struct sock *tcp_try_fastopen(struct sock *sk, struct sk_buff *skb,
														
 
															 			      struct request_sock *req,
														
 
															 			      struct tcp_fastopen_cookie *foc);
														
 
															-void tcp_fastopen_init_key_once(bool publish);
														
 
															+void tcp_fastopen_init_key_once(void);
														
 
															 bool tcp_fastopen_cookie_check(struct sock *sk, u16 *mss,
														
 
															 			     struct tcp_fastopen_cookie *cookie);
														
 
															 bool tcp_fastopen_defer_connect(struct sock *sk, int *err);
														
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -222,7 +222,7 @@ int inet_listen(struct socket *sock, int backlog)
 
															 		    (tcp_fastopen & TFO_SERVER_ENABLE) &&
														
 
															 		    !inet_csk(sk)->icsk_accept_queue.fastopenq.max_qlen) {
														
 
															 			fastopen_queue_tune(sk, backlog);
														
 
															-			tcp_fastopen_init_key_once(true);
														
 
															+			tcp_fastopen_init_key_once();
														
 
															 		}
														
 
															 		err = inet_csk_listen_start(sk, backlog);
														
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -282,11 +282,6 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write,
 
															 			ret = -EINVAL;
														
 
															 			goto bad_key;
														
 
															 		}
														
 
															-		/* Generate a dummy secret but don't publish it. This
														
 
															-		 * is needed so we don't regenerate a new key on the
														
 
															-		 * first invocation of tcp_fastopen_cookie_gen
														
 
															-		 */
														
 
															-		tcp_fastopen_init_key_once(false);
														
 
															 		tcp_fastopen_reset_cipher(user_key, TCP_FASTOPEN_KEY_LENGTH);
														
 
															 	}
														
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -2749,7 +2749,7 @@ static int do_tcp_setsockopt(struct sock *sk, int level,
 
															 	case TCP_FASTOPEN:
														
 
															 		if (val >= 0 && ((1 << sk->sk_state) & (TCPF_CLOSE |
														
 
															 		    TCPF_LISTEN))) {
														
 
															-			tcp_fastopen_init_key_once(true);
														
 
															+			tcp_fastopen_init_key_once();
														
 
															 			fastopen_queue_tune(sk, val);
														
 
															 		} else {
														
--- a/net/ipv4/tcp_fastopen.c
+++ b/net/ipv4/tcp_fastopen.c
@@ -13,7 +13,7 @@ struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
 
															 static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock);
														
 
															-void tcp_fastopen_init_key_once(bool publish)
														
 
															+void tcp_fastopen_init_key_once(void)
														
 
															 {
														
 
															 	static u8 key[TCP_FASTOPEN_KEY_LENGTH];
														
@@ -23,7 +23,7 @@ void tcp_fastopen_init_key_once(bool publish)
 
															 	 * All call sites of tcp_fastopen_cookie_gen also check
														
 
															 	 * for a valid cookie, so this is an acceptable risk.
														
 
															 	 */
														
 
															-	if (net_get_random_once(key, sizeof(key)) && publish)
														
 
															+	if (net_get_random_once(key, sizeof(key)))
														
 
															 		tcp_fastopen_reset_cipher(key, sizeof(key));
														
 
															 }