From ca6e94702cfbe29b279cf18f39a0fe492fae6f83 Mon Sep 17 00:00:00 2001
From: David Gibson <david@gibson.dropbear.id.au>
Date: Thu, 28 Sep 2023 11:20:53 +1000
Subject: siphash: Make siphash functions consistently return 64-bit results

Some of the siphas_*b() functions return 64-bit results, others 32-bit
results, with no obvious pattern.  siphash_32b() also appears to do this
incorrectly - taking the 64-bit hash value and simply returning it
truncated, rather than folding the two halves together.

Since SipHash proper is defined to give a 64-bit hash, make all of them
return 64-bit results.  In the one caller which needs a 32-bit value,
tcp_seq_init() do the fold down to 32-bits ourselves.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 siphash.c | 17 +++++++----------
 siphash.h |  6 +++---
 tcp.c     |  7 ++++---
 3 files changed, 14 insertions(+), 16 deletions(-)

diff --git a/siphash.c b/siphash.c
index e266e15..20009fe 100644
--- a/siphash.c
+++ b/siphash.c
@@ -61,7 +61,6 @@
 	uint64_t v[4] = { 0x736f6d6570736575ULL, 0x646f72616e646f6dULL,	  \
 			  0x6c7967656e657261ULL, 0x7465646279746573ULL }; \
 	uint64_t b = (uint64_t)(len) << 56;				  \
-	uint32_t ret;							  \
 	int __i;							  \
 									  \
 	do {								  \
@@ -93,8 +92,6 @@
 		v[2] ^= 0xff;						  \
 		SIPROUND(4);						  \
 		b = (v[0] ^ v[1]) ^ (v[2] ^ v[3]);			  \
-		ret = (uint32_t)(b >> 32) ^ (uint32_t)b;		  \
-		(void)ret;						  \
 	} while (0)
 
 /**
@@ -132,12 +129,12 @@ uint64_t siphash_8b(const uint8_t *in, const uint64_t *k)
  * @in:		Input data (two addresses, two ports)
  * @k:		Hash function key, 128 bits
  *
- * Return: 32 bits obtained by XORing the two halves of the 64-bit hash output
+ * Return: the 64-bit hash output
  */
 /* NOLINTNEXTLINE(clang-diagnostic-unknown-attributes) */
 __attribute__((optimize("-fno-strict-aliasing")))	/* See siphash_8b() */
 /* cppcheck-suppress unusedFunction */
-uint32_t siphash_12b(const uint8_t *in, const uint64_t *k)
+uint64_t siphash_12b(const uint8_t *in, const uint64_t *k)
 {
 	uint32_t *in32 = (uint32_t *)in;
 	uint64_t combined;
@@ -151,7 +148,7 @@ uint32_t siphash_12b(const uint8_t *in, const uint64_t *k)
 	b |= *(in32 + 2);
 	POSTAMBLE;
 
-	return ret;
+	return b;
 }
 
 /**
@@ -194,7 +191,7 @@ uint64_t siphash_20b(const uint8_t *in, const uint64_t *k)
 /* NOLINTNEXTLINE(clang-diagnostic-unknown-attributes) */
 __attribute__((optimize("-fno-strict-aliasing")))	/* See siphash_8b() */
 /* cppcheck-suppress unusedFunction */
-uint32_t siphash_32b(const uint8_t *in, const uint64_t *k)
+uint64_t siphash_32b(const uint8_t *in, const uint64_t *k)
 {
 	uint64_t *in64 = (uint64_t *)in;
 	int i;
@@ -217,11 +214,11 @@ uint32_t siphash_32b(const uint8_t *in, const uint64_t *k)
  * @in:		Input data (two addresses, two ports)
  * @k:		Hash function key, 128 bits
  *
- * Return: 32 bits obtained by XORing the two halves of the 64-bit hash output
+ * Return: the 64-bit hash output
  */
 /* NOLINTNEXTLINE(clang-diagnostic-unknown-attributes) */
 __attribute__((optimize("-fno-strict-aliasing")))	/* See siphash_8b() */
-uint32_t siphash_36b(const uint8_t *in, const uint64_t *k)
+uint64_t siphash_36b(const uint8_t *in, const uint64_t *k)
 {
 	uint32_t *in32 = (uint32_t *)in;
 	int i;
@@ -239,5 +236,5 @@ uint32_t siphash_36b(const uint8_t *in, const uint64_t *k)
 	b |= *in32;
 	POSTAMBLE;
 
-	return ret;
+	return b;
 }
diff --git a/siphash.h b/siphash.h
index 5b0d0c3..de04c56 100644
--- a/siphash.h
+++ b/siphash.h
@@ -7,9 +7,9 @@
 #define SIPHASH_H
 
 uint64_t siphash_8b(const uint8_t *in, const uint64_t *k);
-uint32_t siphash_12b(const uint8_t *in, const uint64_t *k);
+uint64_t siphash_12b(const uint8_t *in, const uint64_t *k);
 uint64_t siphash_20b(const uint8_t *in, const uint64_t *k);
-uint32_t siphash_32b(const uint8_t *in, const uint64_t *k);
-uint32_t siphash_36b(const uint8_t *in, const uint64_t *k);
+uint64_t siphash_32b(const uint8_t *in, const uint64_t *k);
+uint64_t siphash_36b(const uint8_t *in, const uint64_t *k);
 
 #endif /* SIPHASH_H */
diff --git a/tcp.c b/tcp.c
index 2933123..19baba5 100644
--- a/tcp.c
+++ b/tcp.c
@@ -1826,7 +1826,8 @@ static void tcp_seq_init(const struct ctx *c, struct tcp_tap_conn *conn,
 		.srcport = conn->fport,
 		.dstport = conn->eport,
 	};
-	uint32_t ns, seq = 0;
+	uint64_t hash;
+	uint32_t ns;
 
 	if (CONN_V4(conn))
 		inany_from_af(&aany, AF_INET, &c->ip4.addr);
@@ -1834,12 +1835,12 @@ static void tcp_seq_init(const struct ctx *c, struct tcp_tap_conn *conn,
 		inany_from_af(&aany, AF_INET6, &c->ip6.addr);
 	in.dst = aany;
 
-	seq = siphash_36b((uint8_t *)&in, c->tcp.hash_secret);
+	hash = siphash_36b((uint8_t *)&in, c->tcp.hash_secret);
 
 	/* 32ns ticks, overflows 32 bits every 137s */
 	ns = (now->tv_sec * 1000000000 + now->tv_nsec) >> 5;
 
-	conn->seq_to_tap = seq + ns;
+	conn->seq_to_tap = ((uint32_t)(hash >> 32) ^ (uint32_t)hash) + ns;
 }
 
 /**
-- 
cgit v1.2.3