author | David Gibson <david@gibson.dropbear.id.au> | 2023-11-30 13:02:21 +1100 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2023-12-04 09:51:32 +0100 |
commit | e21b6d69b1e65b341d6c2177258ee2b38c5f6374 (patch) | |
tree | 497e59d20ef6a1751b0094d42425e8ad2c34e109 /passt.c | |
parent | cf83988e967405e898f85bec3da04714b1557397 (diff) | |
tcp: "TCP" hash secret doesn't need to be TCP specific
The TCP state structure includes a 128-bit hash_secret which we use for
SipHash calculations to mitigate attacks on the TCP hash table and initial
sequence number.
We have plans to use SipHash in places that aren't TCP related, and there's
no particular reason they'd need their own secret. So move the hash_secret
to the general context structure.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'passt.c')
-rw-r--r-- | passt.c | 40 |
1 files changed, 40 insertions, 0 deletions
@@ -35,6 +35,9 @@ #include <syslog.h> #include <sys/prctl.h> #include <netinet/if_ether.h> +#ifdef HAS_GETRANDOM +#include <sys/random.h> +#endif #include "util.h" #include "passt.h" @@ -104,6 +107,41 @@ static void post_handler(struct ctx *c, const struct timespec *now) } /** + * secret_init() - Create secret value for SipHash calculations + * @c: Execution context + */ +static void secret_init(struct ctx *c) +{ +#ifndef HAS_GETRANDOM + int dev_random = open("/dev/random", O_RDONLY); + unsigned int random_read = 0; + + while (dev_random && random_read < sizeof(c->hash_secret)) { + int ret = read(dev_random, + (uint8_t *)&c->hash_secret + random_read, + sizeof(c->hash_secret) - random_read); + + if (ret == -1 && errno == EINTR) + continue; + + if (ret <= 0) + break; + + random_read += ret; + } + if (dev_random >= 0) + close(dev_random); + if (random_read < sizeof(c->hash_secret)) { +#else + if (getrandom(&c->hash_secret, sizeof(c->hash_secret), + GRND_RANDOM) < 0) { +#endif /* !HAS_GETRANDOM */ + perror("TCP initial sequence getrandom"); + exit(EXIT_FAILURE); + } +} + +/** * timer_init() - Set initial timestamp for timer runs to current time * @c: Execution context * @now: Current timestamp @@ -237,6 +275,8 @@ int main(int argc, char **argv) tap_sock_init(&c); + secret_init(&c); + clock_gettime(CLOCK_MONOTONIC, &now); if ((!c.no_udp && udp_init(&c)) || (!c.no_tcp && tcp_init(&c))) |
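Review bot: In the `HAS_GETRANDOM` branch of `secret_init()` the result is only tested with `< 0`, so a short return from `getrandom()` with `GRND_RANDOM` would be accepted and leave part of `c->hash_secret` unfilled. Since this value keys the SipHash calculations that protect the hash table and initial sequence numbers, the check should require the full length, e.g. `GRND_RANDOM) != (ssize_t)sizeof(c->hash_secret)) {`. In the fallback branch, `while (dev_random && ...)` is true for a failed `open()` (-1) and false for a valid descriptor 0; `dev_random >= 0` would match the guard already used before `close()`. The `perror("TCP initial sequence getrandom")` text is stale now that the secret is no longer TCP-specific, and on a short read in the fallback path errno may not describe the failure, so a neutral message such as `"Failed to initialise hash secret"` would be clearer.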