From e21b6d69b1e65b341d6c2177258ee2b38c5f6374 Mon Sep 17 00:00:00 2001
From: David Gibson <david@gibson.dropbear.id.au>
Date: Thu, 30 Nov 2023 13:02:21 +1100
Subject: tcp: "TCP" hash secret doesn't need to be TCP specific

The TCP state structure includes a 128-bit hash_secret which we use for
SipHash calculations to mitigate attacks on the TCP hash table and initial
sequence number.

We have plans to use SipHash in places that aren't TCP related, and there's
no particular reason they'd need their own secret.  So move the hash_secret
to the general context structure.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 passt.c | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

(limited to 'passt.c')

diff --git a/passt.c b/passt.c
index 8ddd9b3..0246b04 100644
--- a/passt.c
+++ b/passt.c
@@ -35,6 +35,9 @@
 #include <syslog.h>
 #include <sys/prctl.h>
 #include <netinet/if_ether.h>
+#ifdef HAS_GETRANDOM
+#include <sys/random.h>
+#endif
 
 #include "util.h"
 #include "passt.h"
@@ -103,6 +106,41 @@ static void post_handler(struct ctx *c, const struct timespec *now)
 #undef CALL_PROTO_HANDLER
 }
 
+/**
+ * secret_init() - Create secret value for SipHash calculations
+ * @c:		Execution context
+ */
+static void secret_init(struct ctx *c)
+{
+#ifndef HAS_GETRANDOM
+	int dev_random = open("/dev/random", O_RDONLY);
+	unsigned int random_read = 0;
+
+	while (dev_random && random_read < sizeof(c->hash_secret)) {
+		int ret = read(dev_random,
+			       (uint8_t *)&c->hash_secret + random_read,
+			       sizeof(c->hash_secret) - random_read);
+
+		if (ret == -1 && errno == EINTR)
+			continue;
+
+		if (ret <= 0)
+			break;
+
+		random_read += ret;
+	}
+	if (dev_random >= 0)
+		close(dev_random);
+	if (random_read < sizeof(c->hash_secret)) {
+#else
+	if (getrandom(&c->hash_secret, sizeof(c->hash_secret),
+		      GRND_RANDOM) < 0) {
+#endif /* !HAS_GETRANDOM */
+		perror("TCP initial sequence getrandom");
+		exit(EXIT_FAILURE);
+	}
+}
+
 /**
  * timer_init() - Set initial timestamp for timer runs to current time
  * @c:		Execution context
@@ -237,6 +275,8 @@ int main(int argc, char **argv)
 
 	tap_sock_init(&c);
 
+	secret_init(&c);
+
 	clock_gettime(CLOCK_MONOTONIC, &now);
 
 	if ((!c.no_udp && udp_init(&c)) || (!c.no_tcp && tcp_init(&c)))
-- 
cgit v1.2.3