Giter VIP home page Giter VIP logo

tcpsecrets's Introduction

tcpsecrets

Linux kernel module to provide access to tcp cookie secrets via /proc/tcp_secrets

Tested kernels

  • 4.2.0-35-generic #40~14.04.1-Ubuntu
  • 4.4.0-34-generic #53~14.04.1-Ubuntu
  • 4.6.0-0.bpo.1-amd64 #1 SMP Debian 4.6.4-1~bpo8+1
  • 4.9.0-0.bpo.3-amd64 #1 SMP Debian 4.9.25-1~bpo8+1
  • 4.9.0-3-amd64 #1 SMP Debian 4.9.30-2+deb9u3
  • 4.9.255 (custom)
  • 5.8.0-48-generic #54~20.04.1-Ubuntu SMP
  • 5.10.24 (custom)

Untested kernels

  • 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u1 (builds, not tested)

Unsupported kernels

  • 2.6.x

Custom kernels

These options are required for module to work:

CONFIG_LIVEPATCH=y
CONFIG_FTRACE=y
CONFIG_DYNAMIC_FTRACE=y
CONFIG_DYNAMIC_FTRACE_WITH_REGS=y
CONFIG_FTRACE_MCOUNT_RECORD=y

Building for 5.7+ requires kprobes support:

CONFIG_KPROBES=y

Install via DKMS

KERNEL_VERSION=$(uname -r) make -f Makefile.dkms

tcpsecrets's People

Contributors

polachok avatar nradchenko avatar 0xef53 avatar begetsupport avatar

Stargazers

Ryan Addessi avatar avatar Gregory Tereshko avatar avatar 5l1v3r1 avatar avatar avatar Huy Doan avatar avatar Antares avatar avatar J. Brandt Buckley avatar avatar Alexey Y Manikin avatar Alex Efimov avatar Vitaly Lipatov avatar

Watchers

avatar Sergey Goppikov avatar James Cloos avatar Kolesnikov Vladislav avatar avatar Dmitry Ryabov avatar avatar avatar Dmitriy avatar avatar Artem Mitloshuk avatar avatar Dmitry Kozlyuk avatar Alexey Y Manikin avatar avatar avatar avatar avatar

Forkers

onepamopa justdominator 0xef53 arno01 mynew4 ddos-mitigator egida 5l1v3r1

tcpsecrets's Issues

Trouble with secrets key on 4.6.0-0.bpo.1-amd64

Hi!
After compilation module for Kernel 4.6.0-0.bpo.1-amd64 secrets key are not avaliable.

cat /proc/tcp_secrets 
4295028101 286335 250
00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.
00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.

Linux xen-photo-cache1 4.6.0-0.bpo.1-amd64 #1 SMP Debian 4.6.4-1~bpo8+1 (2016-08-11) x86_64 GNU/Linux

Module                  Size  Used by
tcpsecrets             16384  0 
tcp_diag               16384  0 
inet_diag              20480  1 tcp_diag
ip6table_filter        16384  0 
ip6_tables             24576  1 ip6table_filter
xt_CT                  16384  2 
iptable_raw            16384  1 
ipt_REJECT             16384  2 
nf_reject_ipv4         16384  1 ipt_REJECT
xt_state               16384  1 
xt_comment             16384  19 
xt_multiport           16384  11 
xenfs                  16384  1 
xen_privcmd            16384  1 xenfs
iptable_filter         16384  1 
iptable_nat            16384  0 
nf_conntrack_ipv4      20480  2 
nf_defrag_ipv4         16384  1 nf_conntrack_ipv4
nf_nat_ipv4            16384  1 iptable_nat
nf_nat                 24576  1 nf_nat_ipv4
nf_conntrack          118784  5 xt_CT,nf_nat,xt_state,nf_nat_ipv4,nf_conntrack_ipv4
ip_tables              24576  3 iptable_filter,iptable_nat,iptable_raw
x_tables               36864  10 ip6table_filter,xt_CT,xt_comment,ip_tables,xt_state,xt_multiport,iptable_filter,ipt_REJECT,ip6_tables,iptable_raw
xfs                   978944  1 
libcrc32c              16384  1 xfs
crc32c_generic         16384  0 
loop                   28672  0 
joydev                 20480  0 
hid_generic            16384  0 
intel_rapl             20480  0 
usbhid                 49152  0 
hid                   118784  2 hid_generic,usbhid
crct10dif_pclmul       16384  0 
ppdev                  20480  0 
crc32_pclmul           16384  0 
ghash_clmulni_intel    16384  0 
parport_pc             28672  0 
parport                49152  2 ppdev,parport_pc
hmac                   16384  1 
cirrus                 28672  1 
evdev                  24576  3 
8250_fintek            16384  0 
drbg                   24576  1 
ttm                    94208  1 cirrus
ansi_cprng             16384  0 
aesni_intel           167936  0 
drm_kms_helper        147456  1 cirrus
aes_x86_64             20480  1 aesni_intel
acpi_cpufreq           20480  0 
drm                   356352  4 ttm,drm_kms_helper,cirrus
tpm_tis                20480  0 
tpm                    45056  1 tpm_tis
button                 16384  0 
lrw                    16384  1 aesni_intel
gf128mul               16384  1 lrw
processor              36864  1 acpi_cpufreq
glue_helper            16384  1 aesni_intel
serio_raw              16384  0 
i2c_piix4              24576  0 
ablk_helper            16384  1 aesni_intel
pcspkr                 16384  0 
cryptd                 20480  3 ghash_clmulni_intel,aesni_intel,ablk_helper
ext4                  602112  6 
crc16                  16384  1 ext4
jbd2                  110592  1 ext4
mbcache                16384  7 ext4
dm_mod                110592  19 
ata_generic            16384  0 
ata_piix               36864  0 
uhci_hcd               45056  0 
ehci_pci               16384  0 
ehci_hcd               77824  1 ehci_pci
libata                237568  2 ata_generic,ata_piix
xen_netfront           28672  0 
xen_blkfront           40960  6 
crc32c_intel           24576  1 
usbcore               241664  4 uhci_hcd,ehci_hcd,ehci_pci,usbhid
psmouse               122880  0 
scsi_mod              233472  1 libata
usb_common             16384  1 usbcore
floppy                 73728  0 
fjes                   28672  0

UNIX compatibility

Will the kernel module be compatible with UNIX-like operating systems (openbsd netbsd etc) ?

Upstream merge

Hello, this is great work!
Did you try getting it merged in mainline, so patching the kernel is not neccessary anymore?

Centos 6

При сборке на Centos 6 получаю:
make -C /lib/modules/2.6.32-642.4.2.el6.x86_64/build M=/usr/src/tcpsecrets modules make[1]: Entering directory /usr/src/kernels/2.6.32-642.4.2.el6.x86_64' CC [M] /usr/src/tcpsecrets/tcpsecrets.o In file included from /usr/src/tcpsecrets/tcpsecrets.c:10: /usr/src/tcpsecrets/system_map.inc:2:1: warning: "SYNCOOKIE_SECRET_ADDR" redefined /usr/src/tcpsecrets/system_map.inc:1:1: warning: this is the location of the previous definition /usr/src/tcpsecrets/system_map.inc:3:1: warning: "SYNCOOKIE_SECRET_ADDR" redefined /usr/src/tcpsecrets/system_map.inc:2:1: warning: this is the location of the previous definition /usr/src/tcpsecrets/system_map.inc:4:1: warning: "SYNCOOKIE_SECRET_ADDR" redefined /usr/src/tcpsecrets/system_map.inc:3:1: warning: this is the location of the previous definition /usr/src/tcpsecrets/tcpsecrets.c:103: warning: initialization from incompatible pointer type /usr/src/tcpsecrets/tcpsecrets.c:104: error: ‘FTRACE_OPS_FL_SAVE_REGS’ undeclared here (not in a function) /usr/src/tcpsecrets/tcpsecrets.c: In function ‘fix_cookie_v4_check’: /usr/src/tcpsecrets/tcpsecrets.c:110: error: implicit declaration of function ‘ftrace_set_filter_ip’ make[2]: *** [/usr/src/tcpsecrets/tcpsecrets.o] Error 1 make[1]: *** [_module_/usr/src/tcpsecrets] Error 2 make[1]: Leaving directory /usr/src/kernels/2.6.32-642.4.2.el6.x86_64' make: *** [default] Error 2

Для этих ядер вообще нереально собрать? Для Centos 7 получалось.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.