Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1bbdceef authored by Hannes Frederic Sowa's avatar Hannes Frederic Sowa Committed by David S. Miller
Browse files

inet: convert inet_ehash_secret and ipv6_hash_secret to net_get_random_once 



Initialize the ehash and ipv6_hash_secrets with net_get_random_once.

Each compilation unit gets its own secret now:
  ipv4/inet_hashtables.o
  ipv4/udp.o
  ipv6/inet6_hashtables.o
  ipv6/udp.o
  rds/connection.o

The functions still get inlined into the hashing functions. In the fast
path we have at most two (needed in ipv6) if (unlikely(...)).

Cc: Eric Dumazet <edumazet@google.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: default avatarHannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent b23a002f

include/net/inet_sock.h

+0 −4
Original line number Diff line number Diff line
@@ -204,10 +204,6 @@ static inline void inet_sk_copy_descendant(struct sock *sk_to, 


int inet_sk_rebuild_header(struct sock *sk);



extern u32 inet_ehash_secret;

extern u32 ipv6_hash_secret;

void build_ehash_secret(void);



static inline unsigned int __inet_ehashfn(const __be32 laddr,

					  const __u16 lport,

					  const __be32 faddr,

net/ipv4/af_inet.c

+0 −27
Original line number Diff line number Diff line
@@ -245,29 +245,6 @@ out: 
}

EXPORT_SYMBOL(inet_listen);



u32 inet_ehash_secret __read_mostly;

EXPORT_SYMBOL(inet_ehash_secret);



u32 ipv6_hash_secret __read_mostly;

EXPORT_SYMBOL(ipv6_hash_secret);



/*

 * inet_ehash_secret must be set exactly once, and to a non nul value

 * ipv6_hash_secret must be set exactly once.

 */

void build_ehash_secret(void)

{

	u32 rnd;



	do {

		get_random_bytes(&rnd, sizeof(rnd));

	} while (rnd == 0);



	if (cmpxchg(&inet_ehash_secret, 0, rnd) == 0)

		get_random_bytes(&ipv6_hash_secret, sizeof(ipv6_hash_secret));

}

EXPORT_SYMBOL(build_ehash_secret);



/*

 *	Create an inet socket.

 */
@@ -284,10 +261,6 @@ static int inet_create(struct net *net, struct socket *sock, int protocol, 
	int try_loading_module = 0;

	int err;



	if (unlikely(!inet_ehash_secret))

		if (sock->type != SOCK_RAW && sock->type != SOCK_DGRAM)

			build_ehash_secret();



	sock->state = SS_UNCONNECTED;



	/* Look for the requested type/protocol pair. */

net/ipv4/inet_hashtables.c

+4 −0
Original line number Diff line number Diff line
@@ -28,6 +28,10 @@ static unsigned int inet_ehashfn(struct net *net, const __be32 laddr, 
				 const __u16 lport, const __be32 faddr,

				 const __be16 fport)

{

	static u32 inet_ehash_secret __read_mostly;



	net_get_random_once(&inet_ehash_secret, sizeof(inet_ehash_secret));



	return __inet_ehashfn(laddr, lport, faddr, fport,

			      inet_ehash_secret + net_hash_mix(net));

}

net/ipv4/udp.c

+5 −1
Original line number Diff line number Diff line
@@ -411,8 +411,12 @@ static unsigned int udp_ehashfn(struct net *net, const __be32 laddr, 
				 const __u16 lport, const __be32 faddr,

				 const __be16 fport)

{

	static u32 udp_ehash_secret __read_mostly;



	net_get_random_once(&udp_ehash_secret, sizeof(udp_ehash_secret));



	return __inet_ehashfn(laddr, lport, faddr, fport,

			      inet_ehash_secret + net_hash_mix(net));

			      udp_ehash_secret + net_hash_mix(net));

}

net/ipv6/af_inet6.c

+0 −5
Original line number Diff line number Diff line
@@ -110,11 +110,6 @@ static int inet6_create(struct net *net, struct socket *sock, int protocol, 
	int try_loading_module = 0;

	int err;



	if (sock->type != SOCK_RAW &&

	    sock->type != SOCK_DGRAM &&

	    !inet_ehash_secret)

		build_ehash_secret();



	/* Look for the requested type/protocol pair. */

lookup_protocol:

	err = -ESOCKTNOSUPPORT;