inet: Avoid ABI change for IP ID hash change

debian/changelog

@@ -30,6 +30,7 @@ linux (4.19.37-5+deb10u2) UNRELEASED; urgency=medium
     - Move swapgs feature bits to existing scattered words
     - Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered
       features word"
+  * inet: Avoid ABI change for IP ID hash change
 
  -- Romain Perier <romain.perier@gmail.com>  Mon, 22 Jul 2019 14:00:00 +0200
 

debian/patches/debian/abi/inet-avoid-abi-change-for-ip-id-hash-change.patch

@@ -0,0 +1,75 @@
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Thu, 08 Aug 2019 02:59:40 +0100
+Subject: inet: Avoid ABI change for IP ID hash change
+Forwarded: not-needed
+
+"inet: switch IP ID generator to siphash" adds a new member to struct
+netns_ipv4.  Since this is embedded in struct net, it changes the
+offsets of all the following members.  However struct net itself is
+not embedded in anything, and is always allocated by built-in code.
+So move the new member to the end of struct net, and hide it from
+genksyms.
+
+Also hide the added element and member from modules, as they won't be
+able to rely on their being present until we bump ABI.
+
+---
+--- a/include/net/net_namespace.h
++++ b/include/net/net_namespace.h
+@@ -163,6 +163,7 @@ struct net {
+ 	atomic_t		fnhe_genid;
+ #if !defined(__GENKSYMS__) && !defined(MODULE)
+ 	int			ipv4_sysctl_tcp_min_snd_mss;
++	siphash_key_t		ipv4_ip_id_key;
+ #endif
+ } __randomize_layout;
+ 
+--- a/include/net/netns/ipv4.h
++++ b/include/net/netns/ipv4.h
+@@ -216,6 +216,6 @@ struct netns_ipv4 {
+ 	unsigned int	ipmr_seq;	/* protected by rtnl_mutex */
+ 
+ 	atomic_t	rt_genid;
+-	siphash_key_t	ip_id_key;
++	/* siphash_key_t ip_id_key; - bwh: moved to end of struct net */
+ };
+ #endif
+--- a/net/ipv4/route.c
++++ b/net/ipv4/route.c
+@@ -503,14 +503,14 @@ void __ip_select_ident(struct net *net,
+ 	u32 hash, id;
+ 
+ 	/* Note the following code is not safe, but this is okay. */
+-	if (unlikely(siphash_key_is_zero(&net->ipv4.ip_id_key)))
+-		get_random_bytes(&net->ipv4.ip_id_key,
+-				 sizeof(net->ipv4.ip_id_key));
++	if (unlikely(siphash_key_is_zero(&net->ipv4_ip_id_key)))
++		get_random_bytes(&net->ipv4_ip_id_key,
++				 sizeof(net->ipv4_ip_id_key));
+ 
+ 	hash = siphash_3u32((__force u32)iph->daddr,
+ 			    (__force u32)iph->saddr,
+ 			    iph->protocol,
+-			    &net->ipv4.ip_id_key);
++			    &net->ipv4_ip_id_key);
+ 	id = ip_idents_reserve(hash, segs);
+ 	iph->id = htons(id);
+ }
+--- a/net/ipv6/output_core.c
++++ b/net/ipv6/output_core.c
+@@ -24,11 +24,11 @@ static u32 __ipv6_select_ident(struct ne
+ 	u32 hash, id;
+ 
+ 	/* Note the following code is not safe, but this is okay. */
+-	if (unlikely(siphash_key_is_zero(&net->ipv4.ip_id_key)))
+-		get_random_bytes(&net->ipv4.ip_id_key,
+-				 sizeof(net->ipv4.ip_id_key));
++	if (unlikely(siphash_key_is_zero(&net->ipv4_ip_id_key)))
++		get_random_bytes(&net->ipv4_ip_id_key,
++				 sizeof(net->ipv4_ip_id_key));
+ 
+-	hash = siphash(&combined, sizeof(combined), &net->ipv4.ip_id_key);
++	hash = siphash(&combined, sizeof(combined), &net->ipv4_ip_id_key);
+ 
+ 	/* Treat id of 0 as unset and if we get 0 back from ip_idents_reserve,
+ 	 * set the hight order instead thus minimizing possible future

debian/patches/series

@@ -304,3 +304,4 @@ features/all/ena/0018-net-ena-update-driver-version-from-2.0.1-to-2.0.2.patch
 debian/abi/tcp-avoid-abi-change-for-dos-fixes.patch
 debian/abi/x86-cpufeatures-move-swapgs-feature-bits-to-existing.patch
 debian/abi/revert-x86-cpufeatures-combine-word-11-and-12-into-a-new-sc.patch
+debian/abi/inet-avoid-abi-change-for-ip-id-hash-change.patch