76 lines
2.6 KiB
Diff
76 lines
2.6 KiB
Diff
From: Ben Hutchings <ben@decadent.org.uk>
|
|
Date: Thu, 08 Aug 2019 02:59:40 +0100
|
|
Subject: inet: Avoid ABI change for IP ID hash change
|
|
Forwarded: not-needed
|
|
|
|
"inet: switch IP ID generator to siphash" adds a new member to struct
|
|
netns_ipv4. Since this is embedded in struct net, it changes the
|
|
offsets of all the following members. However struct net itself is
|
|
not embedded in anything, and is always allocated by built-in code.
|
|
So move the new member to the end of struct net, and hide it from
|
|
genksyms.
|
|
|
|
Also hide the added element and member from modules, as they won't be
|
|
able to rely on their being present until we bump ABI.
|
|
|
|
---
|
|
--- a/include/net/net_namespace.h
|
|
+++ b/include/net/net_namespace.h
|
|
@@ -163,6 +163,7 @@ struct net {
|
|
atomic_t fnhe_genid;
|
|
#if !defined(__GENKSYMS__) && !defined(MODULE)
|
|
int ipv4_sysctl_tcp_min_snd_mss;
|
|
+ siphash_key_t ipv4_ip_id_key;
|
|
#endif
|
|
} __randomize_layout;
|
|
|
|
--- a/include/net/netns/ipv4.h
|
|
+++ b/include/net/netns/ipv4.h
|
|
@@ -216,6 +216,6 @@ struct netns_ipv4 {
|
|
unsigned int ipmr_seq; /* protected by rtnl_mutex */
|
|
|
|
atomic_t rt_genid;
|
|
- siphash_key_t ip_id_key;
|
|
+ /* siphash_key_t ip_id_key; - bwh: moved to end of struct net */
|
|
};
|
|
#endif
|
|
--- a/net/ipv4/route.c
|
|
+++ b/net/ipv4/route.c
|
|
@@ -503,14 +503,14 @@ void __ip_select_ident(struct net *net,
|
|
u32 hash, id;
|
|
|
|
/* Note the following code is not safe, but this is okay. */
|
|
- if (unlikely(siphash_key_is_zero(&net->ipv4.ip_id_key)))
|
|
- get_random_bytes(&net->ipv4.ip_id_key,
|
|
- sizeof(net->ipv4.ip_id_key));
|
|
+ if (unlikely(siphash_key_is_zero(&net->ipv4_ip_id_key)))
|
|
+ get_random_bytes(&net->ipv4_ip_id_key,
|
|
+ sizeof(net->ipv4_ip_id_key));
|
|
|
|
hash = siphash_3u32((__force u32)iph->daddr,
|
|
(__force u32)iph->saddr,
|
|
iph->protocol,
|
|
- &net->ipv4.ip_id_key);
|
|
+ &net->ipv4_ip_id_key);
|
|
id = ip_idents_reserve(hash, segs);
|
|
iph->id = htons(id);
|
|
}
|
|
--- a/net/ipv6/output_core.c
|
|
+++ b/net/ipv6/output_core.c
|
|
@@ -24,11 +24,11 @@ static u32 __ipv6_select_ident(struct ne
|
|
u32 hash, id;
|
|
|
|
/* Note the following code is not safe, but this is okay. */
|
|
- if (unlikely(siphash_key_is_zero(&net->ipv4.ip_id_key)))
|
|
- get_random_bytes(&net->ipv4.ip_id_key,
|
|
- sizeof(net->ipv4.ip_id_key));
|
|
+ if (unlikely(siphash_key_is_zero(&net->ipv4_ip_id_key)))
|
|
+ get_random_bytes(&net->ipv4_ip_id_key,
|
|
+ sizeof(net->ipv4_ip_id_key));
|
|
|
|
- hash = siphash(&combined, sizeof(combined), &net->ipv4.ip_id_key);
|
|
+ hash = siphash(&combined, sizeof(combined), &net->ipv4_ip_id_key);
|
|
|
|
/* Treat id of 0 as unset and if we get 0 back from ip_idents_reserve,
|
|
* set the hight order instead thus minimizing possible future
|