| Message ID | 20241008121307.800040-1-edumazet@google.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 4daf4dc275f1aa3b9629334c4185d62b7bdff1c4 |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [net-next] ipv6: switch inet6_acaddr_hash() to less predictable hash | expand |
On 10/8/24 6:13 AM, Eric Dumazet wrote: > commit 2384d02520ff ("net/ipv6: Add anycast addresses to a global hashtable") > added inet6_acaddr_hash(), using ipv6_addr_hash() and net_hash_mix() > to get hash spreading for typical users. > > However ipv6_addr_hash() is highly predictable and a malicious user > could abuse a specific hash bucket. > > Switch to __ipv6_addr_jhash(). We could use a dedicated > secret, or reuse net_hash_mix() as I did in this patch. > > Signed-off-by: Eric Dumazet <edumazet@google.com> > --- > net/ipv6/anycast.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > Reviewed-by: David Ahern <dsahern@kernel.org>
From: Eric Dumazet <edumazet@google.com> Date: Tue, 8 Oct 2024 12:13:07 +0000 > commit 2384d02520ff ("net/ipv6: Add anycast addresses to a global hashtable") > added inet6_acaddr_hash(), using ipv6_addr_hash() and net_hash_mix() > to get hash spreading for typical users. > > However ipv6_addr_hash() is highly predictable and a malicious user > could abuse a specific hash bucket. > > Switch to __ipv6_addr_jhash(). We could use a dedicated > secret, or reuse net_hash_mix() as I did in this patch. > > Signed-off-by: Eric Dumazet <edumazet@google.com> Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Hello: This patch was applied to netdev/net-next.git (main) by Jakub Kicinski <kuba@kernel.org>: On Tue, 8 Oct 2024 12:13:07 +0000 you wrote: > commit 2384d02520ff ("net/ipv6: Add anycast addresses to a global hashtable") > added inet6_acaddr_hash(), using ipv6_addr_hash() and net_hash_mix() > to get hash spreading for typical users. > > However ipv6_addr_hash() is highly predictable and a malicious user > could abuse a specific hash bucket. > > [...] Here is the summary with links: - [net-next] ipv6: switch inet6_acaddr_hash() to less predictable hash https://git.kernel.org/netdev/net-next/c/4daf4dc275f1 You are awesome, thank you!
diff --git a/net/ipv6/anycast.c b/net/ipv6/anycast.c index 0627c4c18d1a5067a668da778ad444855194cbeb..562cace50ca9ae635dd0762e147b452be44c729c 100644 --- a/net/ipv6/anycast.c +++ b/net/ipv6/anycast.c @@ -49,9 +49,10 @@ static DEFINE_SPINLOCK(acaddr_hash_lock); static int ipv6_dev_ac_dec(struct net_device *dev, const struct in6_addr *addr); -static u32 inet6_acaddr_hash(struct net *net, const struct in6_addr *addr) +static u32 inet6_acaddr_hash(const struct net *net, + const struct in6_addr *addr) { - u32 val = ipv6_addr_hash(addr) ^ net_hash_mix(net); + u32 val = __ipv6_addr_jhash(addr, net_hash_mix(net)); return hash_32(val, IN6_ADDR_HSIZE_SHIFT); }
commit 2384d02520ff ("net/ipv6: Add anycast addresses to a global hashtable") added inet6_acaddr_hash(), using ipv6_addr_hash() and net_hash_mix() to get hash spreading for typical users. However ipv6_addr_hash() is highly predictable and a malicious user could abuse a specific hash bucket. Switch to __ipv6_addr_jhash(). We could use a dedicated secret, or reuse net_hash_mix() as I did in this patch. Signed-off-by: Eric Dumazet <edumazet@google.com> --- net/ipv6/anycast.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)