Received: by 2002:a05:6602:2086:0:0:0:0 with SMTP id a6csp4894903ioa; Wed, 27 Apr 2022 13:43:42 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyzJxse4XmUAO+F8BdTYS0oyjDmy+qO+AZPk83Zn5mfL7l4eya0RI01y82z+j3baGe2ntQQ X-Received: by 2002:a05:6402:4393:b0:426:1500:2a4a with SMTP id o19-20020a056402439300b0042615002a4amr5893215edc.97.1651092222160; Wed, 27 Apr 2022 13:43:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1651092222; cv=none; d=google.com; s=arc-20160816; b=qeElBRwr139onKb87lsPyybRZu2yLdhOBqbCyVZlzGm+of17Hn/1hj1al8g53Mjtgw 0y0EA3ggopo+Wj71/vd0G5xuAgzLOWmmFVQowwLi2ufokqJtsctpsbVYa/lXboCUOq2Z lx2xhtW0W8+1wZ7oPKnrYlwLIIXozrmXHV1XrNbIG6N3OLnz429TsUEKDTtt+iHZi+IG E1j+zkkc8IOCo8XxCy7rpDifdUdL6EU1wykBLM0hfxTOh+0O59WdwMqxHJxPh6wY8zIf sKu3cCza9/OZXBshpdMZV2c2sBCkhp9mVRfQm+sMJJpNsos4jzCX6qn2R1cdGLGehqoX W4QA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=bwl7zB5ySd3uOcd/sujB6odSqTUmSuOywjAuDQAb+sQ=; b=NCkRFtQjmD5972+D6/f5R6T0xYx+snlt5iGy/gvBoT2Z1q2/Lu3IURglCUU9Fy9dPb wlnPMZ4pYZZV9OWIpa7is9mBn7nNILGKwUiwhpPLqy370Q+fLoS9cghoqDVehWqcH5dl Tdf3Sr3iPok9KmwznP1T6xpVZOFWzr/FyWmFUXYIhsjlV50HxxP55Q2lQJmR/84uaewq jJlSR9+2ehCkegs0vgVa7PDvW7wMplUK9imJhFFgde/jl81BUAiqqgcQFyjWiSnZvJqJ xlcuG3mk9SI1jlTHW5nPVuOivsN22/f/N25I6f181WYNRIp8tbqlUCL5aVP6nWx+evb3 j7sA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g17-20020a170906539100b006df76385ee2si2109781ejo.898.2022.04.27.13.43.18; Wed, 27 Apr 2022 13:43:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235495AbiD0UXL (ORCPT + 99 others); Wed, 27 Apr 2022 16:23:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59842 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235403AbiD0UXH (ORCPT ); Wed, 27 Apr 2022 16:23:07 -0400 Received: from 1wt.eu (wtarreau.pck.nerim.net [62.212.114.60]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 8E72891557; Wed, 27 Apr 2022 13:19:51 -0700 (PDT) Received: (from willy@localhost) by pcw.home.local (8.15.2/8.15.2/Submit) id 23RKJdO9004481; Wed, 27 Apr 2022 22:19:39 +0200 Date: Wed, 27 Apr 2022 22:19:39 +0200 From: Willy Tarreau To: "Jason A. Donenfeld" Cc: netdev@vger.kernel.org, David Miller , Jakub Kicinski , Eric Dumazet , Moshe Kol , Yossi Gilad , Amit Klein , linux-kernel@vger.kernel.org Subject: Re: [PATCH net 1/7] secure_seq: return the full 64-bit of the siphash Message-ID: <20220427201938.GC4326@1wt.eu> References: <20220427065233.2075-1-w@1wt.eu> <20220427065233.2075-2-w@1wt.eu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Jason, On Wed, Apr 27, 2022 at 07:18:48PM +0200, Jason A. Donenfeld wrote: > Hi Willy, > > On Wed, Apr 27, 2022 at 08:52:27AM +0200, Willy Tarreau wrote: > > diff --git a/include/net/secure_seq.h b/include/net/secure_seq.h > > index d7d2495f83c2..5cea9ed9c773 100644 > > --- a/include/net/secure_seq.h > > +++ b/include/net/secure_seq.h > > @@ -4,7 +4,7 @@ > > > > #include > > > > -u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport); > > +u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport); > > u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr, > > __be16 dport); > > u32 secure_tcp_seq(__be32 saddr, __be32 daddr, > > diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c > > index 9b8443774449..2cdd43a63f64 100644 > > --- a/net/core/secure_seq.c > > +++ b/net/core/secure_seq.c > > @@ -142,7 +142,7 @@ u32 secure_tcp_seq(__be32 saddr, __be32 daddr, > > } > > EXPORT_SYMBOL_GPL(secure_tcp_seq); > > > > -u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) > > +u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) > > { > > net_secret_init(); > > return siphash_3u32((__force u32)saddr, (__force u32)daddr, > > Should you be doing the same with secure_ipv6_port_ephemeral() too? Why > the asymmetry? I remember not finding it in the similar code path, but maybe I missed something. It's used by inet6_sk_port_offset() which also returns a u32, itself used by inet6_hash_connect() and passed to __inet_hash_connect(). Hmmm the loop is now closed, I don't know how I missed it. So yes I agree that it would definitely be needed. I'll update the patch, many thanks! Willy