Release 4.8 net/core/secure_seq.c
#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/cryptohash.h>
#include <linux/module.h>
#include <linux/cache.h>
#include <linux/random.h>
#include <linux/hrtimer.h>
#include <linux/ktime.h>
#include <linux/string.h>
#include <linux/net.h>
#include <net/secure_seq.h>
#if IS_ENABLED(CONFIG_IPV6) || IS_ENABLED(CONFIG_INET)
#define NET_SECRET_SIZE (MD5_MESSAGE_BYTES / 4)
static u32 net_secret[NET_SECRET_SIZE] ____cacheline_aligned;
static __always_inline void net_secret_init(void)
{
net_get_random_once(net_secret, sizeof(net_secret));
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| david s. miller | david s. miller | 10 | 52.63% | 1 | 20.00% |
| eric dumazet | eric dumazet | 6 | 31.58% | 2 | 40.00% |
| hannes frederic sowa | hannes frederic sowa | 3 | 15.79% | 2 | 40.00% |
| Total | 19 | 100.00% | 5 | 100.00% |
#endif
#ifdef CONFIG_INET
static u32 seq_scale(u32 seq)
{
/*
* As close as possible to RFC 793, which
* suggests using a 250 kHz clock.
* Further reading shows this assumes 2 Mb/s networks.
* For 10 Mb/s Ethernet, a 1 MHz clock is appropriate.
* For 10 Gb/s Ethernet, a 1 GHz clock should be ok, but
* we also need to limit the resolution so that the u32 seq
* overlaps less than one time per MSL (2 minutes).
* Choosing a clock of 64 ns period is OK. (period of 274 s)
*/
return seq + (ktime_get_real_ns() >> 6);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| david s. miller | david s. miller | 19 | 95.00% | 1 | 50.00% |
| eric dumazet | eric dumazet | 1 | 5.00% | 1 | 50.00% |
| Total | 20 | 100.00% | 2 | 100.00% |
#endif
#if IS_ENABLED(CONFIG_IPV6)
__u32 secure_tcpv6_sequence_number(const __be32 *saddr, const __be32 *daddr,
__be16 sport, __be16 dport)
{
u32 secret[MD5_MESSAGE_BYTES / 4];
u32 hash[MD5_DIGEST_WORDS];
u32 i;
net_secret_init();
memcpy(hash, saddr, 16);
for (i = 0; i < 4; i++)
secret[i] = net_secret[i] + (__force u32)daddr[i];
secret[4] = net_secret[4] +
(((__force u16)sport << 16) + (__force u16)dport);
for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
secret[i] = net_secret[i];
md5_transform(hash, secret);
return seq_scale(hash[0]);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| david s. miller | david s. miller | 142 | 94.04% | 1 | 25.00% |
| eric dumazet | eric dumazet | 9 | 5.96% | 3 | 75.00% |
| Total | 151 | 100.00% | 4 | 100.00% |
EXPORT_SYMBOL(secure_tcpv6_sequence_number);
u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
__be16 dport)
{
u32 secret[MD5_MESSAGE_BYTES / 4];
u32 hash[MD5_DIGEST_WORDS];
u32 i;
net_secret_init();
memcpy(hash, saddr, 16);
for (i = 0; i < 4; i++)
secret[i] = net_secret[i] + (__force u32) daddr[i];
secret[4] = net_secret[4] + (__force u32)dport;
for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
secret[i] = net_secret[i];
md5_transform(hash, secret);
return hash[0];
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| david s. miller | david s. miller | 130 | 97.74% | 1 | 50.00% |
| eric dumazet | eric dumazet | 3 | 2.26% | 1 | 50.00% |
| Total | 133 | 100.00% | 2 | 100.00% |
EXPORT_SYMBOL(secure_ipv6_port_ephemeral);
#endif
#ifdef CONFIG_INET
__u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
__be16 sport, __be16 dport)
{
u32 hash[MD5_DIGEST_WORDS];
net_secret_init();
hash[0] = (__force u32)saddr;
hash[1] = (__force u32)daddr;
hash[2] = ((__force u16)sport << 16) + (__force u16)dport;
hash[3] = net_secret[15];
md5_transform(hash, net_secret);
return seq_scale(hash[0]);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| david s. miller | david s. miller | 92 | 96.84% | 1 | 50.00% |
| eric dumazet | eric dumazet | 3 | 3.16% | 1 | 50.00% |
| Total | 95 | 100.00% | 2 | 100.00% |
u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport)
{
u32 hash[MD5_DIGEST_WORDS];
net_secret_init();
hash[0] = (__force u32)saddr;
hash[1] = (__force u32)daddr;
hash[2] = (__force u32)dport ^ net_secret[14];
hash[3] = net_secret[15];
md5_transform(hash, net_secret);
return hash[0];
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| david s. miller | david s. miller | 81 | 96.43% | 1 | 50.00% |
| eric dumazet | eric dumazet | 3 | 3.57% | 1 | 50.00% |
| Total | 84 | 100.00% | 2 | 100.00% |
EXPORT_SYMBOL_GPL(secure_ipv4_port_ephemeral);
#endif
#if IS_ENABLED(CONFIG_IP_DCCP)
u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,
__be16 sport, __be16 dport)
{
u32 hash[MD5_DIGEST_WORDS];
u64 seq;
net_secret_init();
hash[0] = (__force u32)saddr;
hash[1] = (__force u32)daddr;
hash[2] = ((__force u16)sport << 16) + (__force u16)dport;
hash[3] = net_secret[15];
md5_transform(hash, net_secret);
seq = hash[0] | (((u64)hash[1]) << 32);
seq += ktime_get_real_ns();
seq &= (1ull << 48) - 1;
return seq;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| david s. miller | david s. miller | 124 | 96.88% | 1 | 33.33% |
| eric dumazet | eric dumazet | 4 | 3.12% | 2 | 66.67% |
| Total | 128 | 100.00% | 3 | 100.00% |
EXPORT_SYMBOL(secure_dccp_sequence_number);
#if IS_ENABLED(CONFIG_IPV6)
u64 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr,
__be16 sport, __be16 dport)
{
u32 secret[MD5_MESSAGE_BYTES / 4];
u32 hash[MD5_DIGEST_WORDS];
u64 seq;
u32 i;
net_secret_init();
memcpy(hash, saddr, 16);
for (i = 0; i < 4; i++)
secret[i] = net_secret[i] + (__force u32)daddr[i];
secret[4] = net_secret[4] +
(((__force u16)sport << 16) + (__force u16)dport);
for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
secret[i] = net_secret[i];
md5_transform(hash, secret);
seq = hash[0] | (((u64)hash[1]) << 32);
seq += ktime_get_real_ns();
seq &= (1ull << 48) - 1;
return seq;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| david s. miller | david s. miller | 174 | 95.60% | 1 | 25.00% |
| eric dumazet | eric dumazet | 8 | 4.40% | 3 | 75.00% |
| Total | 182 | 100.00% | 4 | 100.00% |
EXPORT_SYMBOL(secure_dccpv6_sequence_number);
#endif
#endif
Overall Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| david s. miller | david s. miller | 855 | 92.03% | 1 | 7.14% |
| eric dumazet | eric dumazet | 44 | 4.74% | 7 | 50.00% |
| fabio estevam | fabio estevam | 13 | 1.40% | 1 | 7.14% |
| hannes frederic sowa | hannes frederic sowa | 6 | 0.65% | 2 | 14.29% |
| patrick mchardy | patrick mchardy | 5 | 0.54% | 1 | 7.14% |
| stephen boyd | stephen boyd | 5 | 0.54% | 1 | 7.14% |
| igor maravic | igor maravic | 1 | 0.11% | 1 | 7.14% |
| Total | 929 | 100.00% | 14 | 100.00% |
Information contained on this website is for historical information purposes only and does not indicate or represent copyright ownership.