2019-05-19 13:08:55 +01:00
// SPDX-License-Identifier: GPL-2.0-only
2017-01-08 13:54:02 +01:00
/*
* Copyright ( C ) 2016 Jason A . Donenfeld < Jason @ zx2c4 . com > . All Rights Reserved .
*/
2011-08-03 20:50:44 -07:00
# include <linux/kernel.h>
# include <linux/init.h>
# include <linux/cryptohash.h>
# include <linux/module.h>
# include <linux/cache.h>
# include <linux/random.h>
# include <linux/hrtimer.h>
# include <linux/ktime.h>
# include <linux/string.h>
2013-10-19 21:48:59 +02:00
# include <linux/net.h>
2017-01-08 13:54:02 +01:00
# include <linux/siphash.h>
2011-08-03 20:50:44 -07:00
# include <net/secure_seq.h>
2013-10-05 17:56:59 -03:00
# if IS_ENABLED(CONFIG_IPV6) || IS_ENABLED(CONFIG_INET)
2017-01-08 13:54:02 +01:00
# include <linux/in6.h>
2016-12-01 11:32:07 +01:00
# include <net/tcp.h>
2011-08-03 20:50:44 -07:00
2017-01-08 13:54:02 +01:00
static siphash_key_t net_secret __read_mostly ;
2017-03-24 19:42:37 +01:00
static siphash_key_t ts_secret __read_mostly ;
2013-09-24 06:19:57 -07:00
2013-10-23 08:44:50 +02:00
static __always_inline void net_secret_init ( void )
2011-08-03 20:50:44 -07:00
{
2017-01-08 13:54:02 +01:00
net_get_random_once ( & net_secret , sizeof ( net_secret ) ) ;
2011-08-03 20:50:44 -07:00
}
2017-05-05 06:56:54 -07:00
static __always_inline void ts_secret_init ( void )
{
net_get_random_once ( & ts_secret , sizeof ( ts_secret ) ) ;
}
2013-10-05 17:56:59 -03:00
# endif
2011-08-03 20:50:44 -07:00
2011-12-06 08:04:40 +00:00
# ifdef CONFIG_INET
2011-08-03 20:50:44 -07:00
static u32 seq_scale ( u32 seq )
{
/*
* As close as possible to RFC 793 , which
* suggests using a 250 kHz clock .
* Further reading shows this assumes 2 Mb / s networks .
* For 10 Mb / s Ethernet , a 1 MHz clock is appropriate .
* For 10 Gb / s Ethernet , a 1 GHz clock should be ok , but
* we also need to limit the resolution so that the u32 seq
* overlaps less than one time per MSL ( 2 minutes ) .
* Choosing a clock of 64 ns period is OK . ( period of 274 s )
*/
2014-08-22 18:32:09 -07:00
return seq + ( ktime_get_real_ns ( ) > > 6 ) ;
2011-08-03 20:50:44 -07:00
}
2011-12-06 08:04:40 +00:00
# endif
2011-08-03 20:50:44 -07:00
2011-12-10 09:48:31 +00:00
# if IS_ENABLED(CONFIG_IPV6)
2017-06-07 10:34:39 -07:00
u32 secure_tcpv6_ts_off ( const struct net * net ,
const __be32 * saddr , const __be32 * daddr )
2017-03-24 19:42:37 +01:00
{
const struct {
struct in6_addr saddr ;
struct in6_addr daddr ;
} __aligned ( SIPHASH_ALIGNMENT ) combined = {
. saddr = * ( struct in6_addr * ) saddr ,
. daddr = * ( struct in6_addr * ) daddr ,
} ;
2017-06-07 10:34:39 -07:00
if ( net - > ipv4 . sysctl_tcp_timestamps ! = 1 )
2017-03-24 19:42:37 +01:00
return 0 ;
2017-05-05 06:56:54 -07:00
ts_secret_init ( ) ;
2017-03-24 19:42:37 +01:00
return siphash ( & combined , offsetofend ( typeof ( combined ) , daddr ) ,
& ts_secret ) ;
}
2017-05-05 06:56:54 -07:00
EXPORT_SYMBOL ( secure_tcpv6_ts_off ) ;
2017-03-24 19:42:37 +01:00
2017-05-05 06:56:54 -07:00
u32 secure_tcpv6_seq ( const __be32 * saddr , const __be32 * daddr ,
__be16 sport , __be16 dport )
2011-08-03 20:50:44 -07:00
{
2017-01-08 13:54:02 +01:00
const struct {
struct in6_addr saddr ;
struct in6_addr daddr ;
__be16 sport ;
__be16 dport ;
} __aligned ( SIPHASH_ALIGNMENT ) combined = {
. saddr = * ( struct in6_addr * ) saddr ,
. daddr = * ( struct in6_addr * ) daddr ,
. sport = sport ,
. dport = dport
} ;
2017-05-05 06:56:54 -07:00
u32 hash ;
2013-09-24 06:19:57 -07:00
net_secret_init ( ) ;
2017-01-08 13:54:02 +01:00
hash = siphash ( & combined , offsetofend ( typeof ( combined ) , dport ) ,
& net_secret ) ;
return seq_scale ( hash ) ;
2011-08-03 20:50:44 -07:00
}
2017-05-05 06:56:54 -07:00
EXPORT_SYMBOL ( secure_tcpv6_seq ) ;
2011-08-03 20:50:44 -07:00
u32 secure_ipv6_port_ephemeral ( const __be32 * saddr , const __be32 * daddr ,
__be16 dport )
{
2017-01-08 13:54:02 +01:00
const struct {
struct in6_addr saddr ;
struct in6_addr daddr ;
__be16 dport ;
} __aligned ( SIPHASH_ALIGNMENT ) combined = {
. saddr = * ( struct in6_addr * ) saddr ,
. daddr = * ( struct in6_addr * ) daddr ,
. dport = dport
} ;
2013-09-24 06:19:57 -07:00
net_secret_init ( ) ;
2017-01-08 13:54:02 +01:00
return siphash ( & combined , offsetofend ( typeof ( combined ) , dport ) ,
& net_secret ) ;
2011-08-03 20:50:44 -07:00
}
2012-08-26 19:14:12 +02:00
EXPORT_SYMBOL ( secure_ipv6_port_ephemeral ) ;
2011-08-03 20:50:44 -07:00
# endif
# ifdef CONFIG_INET
2017-06-07 10:34:39 -07:00
u32 secure_tcp_ts_off ( const struct net * net , __be32 saddr , __be32 daddr )
2017-03-24 19:42:37 +01:00
{
2017-06-07 10:34:39 -07:00
if ( net - > ipv4 . sysctl_tcp_timestamps ! = 1 )
2017-03-24 19:42:37 +01:00
return 0 ;
2017-05-05 06:56:54 -07:00
ts_secret_init ( ) ;
2017-03-24 19:42:37 +01:00
return siphash_2u32 ( ( __force u32 ) saddr , ( __force u32 ) daddr ,
& ts_secret ) ;
}
2011-08-03 20:50:44 -07:00
2017-03-09 13:53:55 +03:00
/* secure_tcp_seq_and_tsoff(a, b, 0, d) == secure_ipv4_port_ephemeral(a, b, d),
2017-01-08 13:54:02 +01:00
* but fortunately , ` sport ' cannot be 0 in any circumstances . If this changes ,
* it would be easy enough to have the former function use siphash_4u32 , passing
* the arguments as separate u32 .
*/
2017-05-05 06:56:54 -07:00
u32 secure_tcp_seq ( __be32 saddr , __be32 daddr ,
__be16 sport , __be16 dport )
2011-08-03 20:50:44 -07:00
{
2017-05-05 06:56:54 -07:00
u32 hash ;
2013-09-24 06:19:57 -07:00
net_secret_init ( ) ;
2017-01-08 13:54:02 +01:00
hash = siphash_3u32 ( ( __force u32 ) saddr , ( __force u32 ) daddr ,
( __force u32 ) sport < < 16 | ( __force u32 ) dport ,
& net_secret ) ;
return seq_scale ( hash ) ;
2011-08-03 20:50:44 -07:00
}
infiniband: i40iw, nes: don't use wall time for TCP sequence numbers
The nes infiniband driver uses current_kernel_time() to get a nanosecond
granunarity timestamp to initialize its tcp sequence counters. This is
one of only a few remaining users of that deprecated function, so we
should try to get rid of it.
Aside from using a deprecated API, there are several problems I see here:
- Using a CLOCK_REALTIME based time source makes it predictable in
case the time base is synchronized.
- Using a coarse timestamp means it only gets updated once per jiffie,
making it even more predictable in order to avoid having to access
the hardware clock source
- The upper 2 bits are always zero because the nanoseconds are at most
999999999.
For the Linux TCP implementation, we use secure_tcp_seq(), which appears
to be appropriate here as well, and solves all the above problems.
i40iw uses a variant of the same code, so I do that same thing there
for ipv4. Unlike nes, i40e also supports ipv6, which needs to call
secure_tcpv6_seq instead.
Acked-by: Shiraz Saleem <shiraz.saleem@intel.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
2018-07-09 10:34:43 +02:00
EXPORT_SYMBOL_GPL ( secure_tcp_seq ) ;
2011-08-03 20:50:44 -07:00
u32 secure_ipv4_port_ephemeral ( __be32 saddr , __be32 daddr , __be16 dport )
{
2013-09-24 06:19:57 -07:00
net_secret_init ( ) ;
2017-01-08 13:54:02 +01:00
return siphash_3u32 ( ( __force u32 ) saddr , ( __force u32 ) daddr ,
( __force u16 ) dport , & net_secret ) ;
2011-08-03 20:50:44 -07:00
}
EXPORT_SYMBOL_GPL ( secure_ipv4_port_ephemeral ) ;
# endif
2011-12-12 02:58:22 +00:00
# if IS_ENABLED(CONFIG_IP_DCCP)
2011-08-03 20:50:44 -07:00
u64 secure_dccp_sequence_number ( __be32 saddr , __be32 daddr ,
__be16 sport , __be16 dport )
{
u64 seq ;
2013-09-24 06:19:57 -07:00
net_secret_init ( ) ;
2017-01-11 18:10:37 -08:00
seq = siphash_3u32 ( ( __force u32 ) saddr , ( __force u32 ) daddr ,
( __force u32 ) sport < < 16 | ( __force u32 ) dport ,
& net_secret ) ;
2014-08-22 18:32:09 -07:00
seq + = ktime_get_real_ns ( ) ;
2011-08-03 20:50:44 -07:00
seq & = ( 1ull < < 48 ) - 1 ;
return seq ;
}
EXPORT_SYMBOL ( secure_dccp_sequence_number ) ;
2011-12-10 09:48:31 +00:00
# if IS_ENABLED(CONFIG_IPV6)
2011-08-03 20:50:44 -07:00
u64 secure_dccpv6_sequence_number ( __be32 * saddr , __be32 * daddr ,
__be16 sport , __be16 dport )
{
2017-01-08 13:54:02 +01:00
const struct {
struct in6_addr saddr ;
struct in6_addr daddr ;
__be16 sport ;
__be16 dport ;
} __aligned ( SIPHASH_ALIGNMENT ) combined = {
. saddr = * ( struct in6_addr * ) saddr ,
. daddr = * ( struct in6_addr * ) daddr ,
. sport = sport ,
. dport = dport
} ;
2011-08-03 20:50:44 -07:00
u64 seq ;
2013-09-24 06:19:57 -07:00
net_secret_init ( ) ;
2017-01-08 13:54:02 +01:00
seq = siphash ( & combined , offsetofend ( typeof ( combined ) , dport ) ,
& net_secret ) ;
2014-08-22 18:32:09 -07:00
seq + = ktime_get_real_ns ( ) ;
2011-08-03 20:50:44 -07:00
seq & = ( 1ull < < 48 ) - 1 ;
return seq ;
}
EXPORT_SYMBOL ( secure_dccpv6_sequence_number ) ;
# endif
# endif