Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp709216pxv; Thu, 15 Jul 2021 14:06:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzQKL9wo1cxjQzRieOIfl+kQGBqDEdIFz5z4jYy2vJYZZThEjDd0ByMwjVnP/rNmzf3Eos7 X-Received: by 2002:a17:906:7a56:: with SMTP id i22mr7505138ejo.94.1626383158570; Thu, 15 Jul 2021 14:05:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1626383158; cv=none; d=google.com; s=arc-20160816; b=M0Z8CGH9SzJKhvNkjQ+8CDZQwuBS8pvcyUfqsKQvWSjDCMARZjPyl215qwNtvaBJb5 DESGoYSoWHTfDG1X/ki0KMGaSJGiLFk5LIWkD36rOcTjyu5PQVqo1jHIsrAA8sHOl2SG xt3GazaoQwGMndy3MPLl1CExenov8ZhKmP0ik2ZHoJuAgtGaFJe/bEUxZg+umNT8uiYY OU8rq4SiRf1BB819Oftl8OUBg0G8tQGE1up+/Zy1dlj+EiuZg51izJYG8t+X8Cnvo6kV +WwKRIcm40zycTQW5HRWKnXor8u78EQwqUYCRx0xKUFEnosqrRbsuK1jLzuM5Bp3Zzd+ k8yg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=3cAuRz7NIHBv6J4XkK7IwHFYixxdBpbGReUe5CGeZhs=; b=cnbDf95tOiXP4tfxQv7EqVIsuAiMqtF9tTGUg6924Y/Myz6b3dw0CEZOifiGxmF6s0 x2MUlyhZblPVyYIb9lHxVyQM3Vf/sY/hHag4ScyY/2Nd8m7KTcelN9afQzsTVsqzjyN9 kavLGv6SGalRavgmTXM4Ls3Lu4lfom4yKN55xUm/jZzGkXcpmbZZW3AEQ8EJ3pEYas5Z yYK34WsCvp48l1S3QRKq9spYDFWl14Em8S8tL/fYbQ2MS66x0s4DUF0MUMz3srFmYUgq pymXv80TpkwWl0ZvzkSUhIWI75fdo3VLaGKqjWAKnvE4wt4dRPdIjv9fs5q2FcusveRM 2cdg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=jjmHOC3H; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bq7si5933144ejb.576.2021.07.15.14.05.33; Thu, 15 Jul 2021 14:05:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=jjmHOC3H; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244530AbhGOTOy (ORCPT + 99 others); Thu, 15 Jul 2021 15:14:54 -0400 Received: from mail.kernel.org ([198.145.29.99]:35016 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241208AbhGOS6u (ORCPT ); Thu, 15 Jul 2021 14:58:50 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 05D4B613EB; Thu, 15 Jul 2021 18:55:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1626375345; bh=NKRBa+ZnalVf/of+MHcxQ4XWS/mH2Exv8L+GNaH1lEg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=jjmHOC3HfsMd7Z834ufYxmE0LYBQDbz/B9gM2fobmsh7t0ZsqGru9vYS3UOuEXZnr KL1mRtzjsja3lrnolq7lR4hdfniN8psFUlKNwf7TVvIrgZkNxzxczXoyy3oCRktQN9 b1Hf0BuE1kCo5fuh+PyvwJbmHoBFxYnOeGV3kyP4= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Amit Klein , Willy Tarreau , Eric Dumazet , Jakub Kicinski , Sasha Levin Subject: [PATCH 5.12 047/242] ipv6: use prandom_u32() for ID generation Date: Thu, 15 Jul 2021 20:36:49 +0200 Message-Id: <20210715182600.463228673@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210715182551.731989182@linuxfoundation.org> References: <20210715182551.731989182@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Willy Tarreau [ Upstream commit 62f20e068ccc50d6ab66fdb72ba90da2b9418c99 ] This is a complement to commit aa6dd211e4b1 ("inet: use bigger hash table for IP ID generation"), but focusing on some specific aspects of IPv6. Contary to IPv4, IPv6 only uses packet IDs with fragments, and with a minimum MTU of 1280, it's much less easy to force a remote peer to produce many fragments to explore its ID sequence. In addition packet IDs are 32-bit in IPv6, which further complicates their analysis. On the other hand, it is often easier to choose among plenty of possible source addresses and partially work around the bigger hash table the commit above permits, which leaves IPv6 partially exposed to some possibilities of remote analysis at the risk of weakening some protocols like DNS if some IDs can be predicted with a good enough probability. Given the wide range of permitted IDs, the risk of collision is extremely low so there's no need to rely on the positive increment algorithm that is shared with the IPv4 code via ip_idents_reserve(). We have a fast PRNG, so let's simply call prandom_u32() and be done with it. Performance measurements at 10 Gbps couldn't show any difference with the previous code, even when using a single core, because due to the large fragments, we're limited to only ~930 kpps at 10 Gbps and the cost of the random generation is completely offset by other operations and by the network transfer time. In addition, this change removes the need to update a shared entry in the idents table so it may even end up being slightly faster on large scale systems where this matters. The risk of at least one collision here is about 1/80 million among 10 IDs, 1/850k among 100 IDs, and still only 1/8.5k among 1000 IDs, which remains very low compared to IPv4 where all IDs are reused every 4 to 80ms on a 10 Gbps flow depending on packet sizes. Reported-by: Amit Klein Signed-off-by: Willy Tarreau Reviewed-by: Eric Dumazet Link: https://lore.kernel.org/r/20210529110746.6796-1-w@1wt.eu Signed-off-by: Jakub Kicinski Signed-off-by: Sasha Levin --- net/ipv6/output_core.c | 28 +++++----------------------- 1 file changed, 5 insertions(+), 23 deletions(-) diff --git a/net/ipv6/output_core.c b/net/ipv6/output_core.c index af36acc1a644..2880dc7d9a49 100644 --- a/net/ipv6/output_core.c +++ b/net/ipv6/output_core.c @@ -15,29 +15,11 @@ static u32 __ipv6_select_ident(struct net *net, const struct in6_addr *dst, const struct in6_addr *src) { - const struct { - struct in6_addr dst; - struct in6_addr src; - } __aligned(SIPHASH_ALIGNMENT) combined = { - .dst = *dst, - .src = *src, - }; - u32 hash, id; - - /* Note the following code is not safe, but this is okay. */ - if (unlikely(siphash_key_is_zero(&net->ipv4.ip_id_key))) - get_random_bytes(&net->ipv4.ip_id_key, - sizeof(net->ipv4.ip_id_key)); - - hash = siphash(&combined, sizeof(combined), &net->ipv4.ip_id_key); - - /* Treat id of 0 as unset and if we get 0 back from ip_idents_reserve, - * set the hight order instead thus minimizing possible future - * collisions. - */ - id = ip_idents_reserve(hash, 1); - if (unlikely(!id)) - id = 1 << 31; + u32 id; + + do { + id = prandom_u32(); + } while (!id); return id; } -- 2.30.2