Re: [PATCH v4 1/1] net: fastopen: robustness and endianness fixes for SipHash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
Date: Wed, 19 Jun 2019 23:46:28 +0200

> Some changes to the TCP fastopen code to make it more robust
> against future changes in the choice of key/cookie size, etc.
> 
> - Instead of keeping the SipHash key in an untyped u8[] buffer
>   and casting it to the right type upon use, use the correct
>   type directly. This ensures that the key will appear at the
>   correct alignment if we ever change the way these data
>   structures are allocated. (Currently, they are only allocated
>   via kmalloc so they always appear at the correct alignment)
> 
> - Use DIV_ROUND_UP when sizing the u64[] array to hold the
>   cookie, so it is always of sufficient size, even if
>   TCP_FASTOPEN_COOKIE_MAX is no longer a multiple of 8.
> 
> - Drop the 'len' parameter from the tcp_fastopen_reset_cipher()
>   function, which is no longer used.
> 
> - Add endian swabbing when setting the keys and calculating the hash,
>   to ensure that cookie values are the same for a given key and
>   source/destination address pair regardless of the endianness of
>   the server.
> 
> Note that none of these are functional changes wrt the current
> state of the code, with the exception of the swabbing, which only
> affects big endian systems.
> 
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>

Applied, thank you.



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux