Message ID | 20220427065233.2075-2-w@1wt.eu (mailing list archive) |
---|---|
State | Superseded |
Delegated to: | Netdev Maintainers |
Headers | show |
Series | insufficient TCP source port randomness | expand |
Hi Willy,
I love your patch! Yet something to improve:
[auto build test ERROR on net/master]
url: https://github.com/intel-lab-lkp/linux/commits/Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651
base: https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git 71cffebf6358a7f5031f5b208bbdc1cb4db6e539
config: i386-randconfig-r026-20220425 (https://download.01.org/0day-ci/archive/20220427/202204271705.VrWNPv7n-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.2.0-20) 11.2.0
reproduce (this is a W=1 build):
# https://github.com/intel-lab-lkp/linux/commit/01b26e522b598adf346b809075880feab3dcdc08
git remote add linux-review https://github.com/intel-lab-lkp/linux
git fetch --no-tags linux-review Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651
git checkout 01b26e522b598adf346b809075880feab3dcdc08
# save the config file
mkdir build_dir && cp config build_dir/.config
make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All errors (new ones prefixed by >>):
ld: net/ipv4/inet_hashtables.o: in function `__inet_hash_connect':
>> inet_hashtables.c:(.text+0x187d): undefined reference to `__umoddi3'
On Wed, Apr 27, 2022 at 05:56:41PM +0800, kernel test robot wrote: > Hi Willy, > > I love your patch! Yet something to improve: > > [auto build test ERROR on net/master] > > url: https://github.com/intel-lab-lkp/linux/commits/Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651 > base: https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git 71cffebf6358a7f5031f5b208bbdc1cb4db6e539 > config: i386-randconfig-r026-20220425 (https://download.01.org/0day-ci/archive/20220427/202204271705.VrWNPv7n-lkp@intel.com/config) > compiler: gcc-11 (Debian 11.2.0-20) 11.2.0 > reproduce (this is a W=1 build): > # https://github.com/intel-lab-lkp/linux/commit/01b26e522b598adf346b809075880feab3dcdc08 > git remote add linux-review https://github.com/intel-lab-lkp/linux > git fetch --no-tags linux-review Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651 > git checkout 01b26e522b598adf346b809075880feab3dcdc08 > # save the config file > mkdir build_dir && cp config build_dir/.config > make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash > > If you fix the issue, kindly add following tag as appropriate > Reported-by: kernel test robot <lkp@intel.com> > > All errors (new ones prefixed by >>): > > ld: net/ipv4/inet_hashtables.o: in function `__inet_hash_connect': > >> inet_hashtables.c:(.text+0x187d): undefined reference to `__umoddi3' Argh! indeed, we spoke about using div_u64_rem() at the beginning and that one vanished over time. Will respin it. Thanks, Willy
On Wed, Apr 27, 2022 at 12:07:14PM +0200, Willy Tarreau wrote: > On Wed, Apr 27, 2022 at 05:56:41PM +0800, kernel test robot wrote: > > Hi Willy, > > > > I love your patch! Yet something to improve: > > > > [auto build test ERROR on net/master] > > > > url: https://github.com/intel-lab-lkp/linux/commits/Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651 > > base: https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git 71cffebf6358a7f5031f5b208bbdc1cb4db6e539 > > config: i386-randconfig-r026-20220425 (https://download.01.org/0day-ci/archive/20220427/202204271705.VrWNPv7n-lkp@intel.com/config) > > compiler: gcc-11 (Debian 11.2.0-20) 11.2.0 > > reproduce (this is a W=1 build): > > # https://github.com/intel-lab-lkp/linux/commit/01b26e522b598adf346b809075880feab3dcdc08 > > git remote add linux-review https://github.com/intel-lab-lkp/linux > > git fetch --no-tags linux-review Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651 > > git checkout 01b26e522b598adf346b809075880feab3dcdc08 > > # save the config file > > mkdir build_dir && cp config build_dir/.config > > make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash > > > > If you fix the issue, kindly add following tag as appropriate > > Reported-by: kernel test robot <lkp@intel.com> > > > > All errors (new ones prefixed by >>): > > > > ld: net/ipv4/inet_hashtables.o: in function `__inet_hash_connect': > > >> inet_hashtables.c:(.text+0x187d): undefined reference to `__umoddi3' > > Argh! indeed, we spoke about using div_u64_rem() at the beginning and > that one vanished over time. Will respin it. I fixed it, built it for i386 and x86_64, tested it on x86_64 and confirmed that it still does what I need. The change is only this: - offset = (READ_ONCE(table_perturb[index]) + (port_offset >> 32)) % remaining; + div_u64_rem(READ_ONCE(table_perturb[index]) + (port_offset >> 32), remaining, &offset); I'll send a v2 series in a few hours if there are no more comments. Willy
On Wed, Apr 27, 2022 at 9:35 AM Willy Tarreau <w@1wt.eu> wrote: > > On Wed, Apr 27, 2022 at 12:07:14PM +0200, Willy Tarreau wrote: > > On Wed, Apr 27, 2022 at 05:56:41PM +0800, kernel test robot wrote: > > > Hi Willy, > > > > > > I love your patch! Yet something to improve: > > > > > > [auto build test ERROR on net/master] > > > > > > url: https://github.com/intel-lab-lkp/linux/commits/Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651 > > > base: https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git 71cffebf6358a7f5031f5b208bbdc1cb4db6e539 > > > config: i386-randconfig-r026-20220425 (https://download.01.org/0day-ci/archive/20220427/202204271705.VrWNPv7n-lkp@intel.com/config) > > > compiler: gcc-11 (Debian 11.2.0-20) 11.2.0 > > > reproduce (this is a W=1 build): > > > # https://github.com/intel-lab-lkp/linux/commit/01b26e522b598adf346b809075880feab3dcdc08 > > > git remote add linux-review https://github.com/intel-lab-lkp/linux > > > git fetch --no-tags linux-review Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651 > > > git checkout 01b26e522b598adf346b809075880feab3dcdc08 > > > # save the config file > > > mkdir build_dir && cp config build_dir/.config > > > make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash > > > > > > If you fix the issue, kindly add following tag as appropriate > > > Reported-by: kernel test robot <lkp@intel.com> > > > > > > All errors (new ones prefixed by >>): > > > > > > ld: net/ipv4/inet_hashtables.o: in function `__inet_hash_connect': > > > >> inet_hashtables.c:(.text+0x187d): undefined reference to `__umoddi3' > > > > Argh! indeed, we spoke about using div_u64_rem() at the beginning and > > that one vanished over time. Will respin it. > > I fixed it, built it for i386 and x86_64, tested it on x86_64 and confirmed > that it still does what I need. The change is only this: > > - offset = (READ_ONCE(table_perturb[index]) + (port_offset >> 32)) % remaining; > + div_u64_rem(READ_ONCE(table_perturb[index]) + (port_offset >> 32), remaining, &offset); > > I'll send a v2 series in a few hours if there are no more comments. We really do not need 33 bits here. I would suggest using a 32bit divide. offset = READ_ONCE(table_perturb[index]) + (port_offset >> 32)); offset %= remaining;
On Wed, Apr 27, 2022 at 09:50:06AM -0700, Eric Dumazet wrote: > On Wed, Apr 27, 2022 at 9:35 AM Willy Tarreau <w@1wt.eu> wrote: > > > > On Wed, Apr 27, 2022 at 12:07:14PM +0200, Willy Tarreau wrote: > > > On Wed, Apr 27, 2022 at 05:56:41PM +0800, kernel test robot wrote: > > > > Hi Willy, > > > > > > > > I love your patch! Yet something to improve: > > > > > > > > [auto build test ERROR on net/master] > > > > > > > > url: https://github.com/intel-lab-lkp/linux/commits/Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651 > > > > base: https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git 71cffebf6358a7f5031f5b208bbdc1cb4db6e539 > > > > config: i386-randconfig-r026-20220425 (https://download.01.org/0day-ci/archive/20220427/202204271705.VrWNPv7n-lkp@intel.com/config) > > > > compiler: gcc-11 (Debian 11.2.0-20) 11.2.0 > > > > reproduce (this is a W=1 build): > > > > # https://github.com/intel-lab-lkp/linux/commit/01b26e522b598adf346b809075880feab3dcdc08 > > > > git remote add linux-review https://github.com/intel-lab-lkp/linux > > > > git fetch --no-tags linux-review Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651 > > > > git checkout 01b26e522b598adf346b809075880feab3dcdc08 > > > > # save the config file > > > > mkdir build_dir && cp config build_dir/.config > > > > make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash > > > > > > > > If you fix the issue, kindly add following tag as appropriate > > > > Reported-by: kernel test robot <lkp@intel.com> > > > > > > > > All errors (new ones prefixed by >>): > > > > > > > > ld: net/ipv4/inet_hashtables.o: in function `__inet_hash_connect': > > > > >> inet_hashtables.c:(.text+0x187d): undefined reference to `__umoddi3' > > > > > > Argh! indeed, we spoke about using div_u64_rem() at the beginning and > > > that one vanished over time. Will respin it. > > > > I fixed it, built it for i386 and x86_64, tested it on x86_64 and confirmed > > that it still does what I need. The change is only this: > > > > - offset = (READ_ONCE(table_perturb[index]) + (port_offset >> 32)) % remaining; > > + div_u64_rem(READ_ONCE(table_perturb[index]) + (port_offset >> 32), remaining, &offset); > > > > I'll send a v2 series in a few hours if there are no more comments. > > We really do not need 33 bits here. > > I would suggest using a 32bit divide. > > offset = READ_ONCE(table_perturb[index]) + (port_offset >> 32)); > offset %= remaining; Yeah much better indeed, I'll do that. Thanks Eric! Willy
Hi Willy, On Wed, Apr 27, 2022 at 08:52:27AM +0200, Willy Tarreau wrote: > diff --git a/include/net/secure_seq.h b/include/net/secure_seq.h > index d7d2495f83c2..5cea9ed9c773 100644 > --- a/include/net/secure_seq.h > +++ b/include/net/secure_seq.h > @@ -4,7 +4,7 @@ > > #include <linux/types.h> > > -u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport); > +u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport); > u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr, > __be16 dport); > u32 secure_tcp_seq(__be32 saddr, __be32 daddr, > diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c > index 9b8443774449..2cdd43a63f64 100644 > --- a/net/core/secure_seq.c > +++ b/net/core/secure_seq.c > @@ -142,7 +142,7 @@ u32 secure_tcp_seq(__be32 saddr, __be32 daddr, > } > EXPORT_SYMBOL_GPL(secure_tcp_seq); > > -u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) > +u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) > { > net_secret_init(); > return siphash_3u32((__force u32)saddr, (__force u32)daddr, Should you be doing the same with secure_ipv6_port_ephemeral() too? Why the asymmetry? Jason
Hi Jason, On Wed, Apr 27, 2022 at 07:18:48PM +0200, Jason A. Donenfeld wrote: > Hi Willy, > > On Wed, Apr 27, 2022 at 08:52:27AM +0200, Willy Tarreau wrote: > > diff --git a/include/net/secure_seq.h b/include/net/secure_seq.h > > index d7d2495f83c2..5cea9ed9c773 100644 > > --- a/include/net/secure_seq.h > > +++ b/include/net/secure_seq.h > > @@ -4,7 +4,7 @@ > > > > #include <linux/types.h> > > > > -u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport); > > +u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport); > > u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr, > > __be16 dport); > > u32 secure_tcp_seq(__be32 saddr, __be32 daddr, > > diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c > > index 9b8443774449..2cdd43a63f64 100644 > > --- a/net/core/secure_seq.c > > +++ b/net/core/secure_seq.c > > @@ -142,7 +142,7 @@ u32 secure_tcp_seq(__be32 saddr, __be32 daddr, > > } > > EXPORT_SYMBOL_GPL(secure_tcp_seq); > > > > -u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) > > +u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) > > { > > net_secret_init(); > > return siphash_3u32((__force u32)saddr, (__force u32)daddr, > > Should you be doing the same with secure_ipv6_port_ephemeral() too? Why > the asymmetry? I remember not finding it in the similar code path, but maybe I missed something. It's used by inet6_sk_port_offset() which also returns a u32, itself used by inet6_hash_connect() and passed to __inet_hash_connect(). Hmmm the loop is now closed, I don't know how I missed it. So yes I agree that it would definitely be needed. I'll update the patch, many thanks! Willy
Hi Willy,
I love your patch! Yet something to improve:
[auto build test ERROR on net/master]
url: https://github.com/intel-lab-lkp/linux/commits/Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651
base: https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git 71cffebf6358a7f5031f5b208bbdc1cb4db6e539
config: i386-randconfig-a011-20220425 (https://download.01.org/0day-ci/archive/20220428/202204280348.UBtfnU6Q-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.2.0-20) 11.2.0
reproduce (this is a W=1 build):
# https://github.com/intel-lab-lkp/linux/commit/01b26e522b598adf346b809075880feab3dcdc08
git remote add linux-review https://github.com/intel-lab-lkp/linux
git fetch --no-tags linux-review Willy-Tarreau/insufficient-TCP-source-port-randomness/20220427-145651
git checkout 01b26e522b598adf346b809075880feab3dcdc08
# save the config file
mkdir build_dir && cp config build_dir/.config
make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All errors (new ones prefixed by >>):
ld: net/ipv4/inet_hashtables.o: in function `__inet_hash_connect':
>> net/ipv4/inet_hashtables.c:780: undefined reference to `__umoddi3'
vim +780 net/ipv4/inet_hashtables.c
190cc82489f46f Eric Dumazet 2021-02-09 735
5ee31fc1ecdcbc Pavel Emelyanov 2008-01-31 736 int __inet_hash_connect(struct inet_timewait_death_row *death_row,
01b26e522b598a Willy Tarreau 2022-04-27 737 struct sock *sk, u64 port_offset,
5ee31fc1ecdcbc Pavel Emelyanov 2008-01-31 738 int (*check_established)(struct inet_timewait_death_row *,
b4d6444ea3b50b Eric Dumazet 2015-03-18 739 struct sock *, __u16, struct inet_timewait_sock **))
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 740 {
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 741 struct inet_hashinfo *hinfo = death_row->hashinfo;
1580ab63fc9a03 Eric Dumazet 2016-02-11 742 struct inet_timewait_sock *tw = NULL;
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 743 struct inet_bind_hashbucket *head;
1580ab63fc9a03 Eric Dumazet 2016-02-11 744 int port = inet_sk(sk)->inet_num;
3b1e0a655f8eba YOSHIFUJI Hideaki 2008-03-26 745 struct net *net = sock_net(sk);
1580ab63fc9a03 Eric Dumazet 2016-02-11 746 struct inet_bind_bucket *tb;
1580ab63fc9a03 Eric Dumazet 2016-02-11 747 u32 remaining, offset;
1580ab63fc9a03 Eric Dumazet 2016-02-11 748 int ret, i, low, high;
3c82a21f4320c8 Robert Shearman 2018-11-07 749 int l3mdev;
190cc82489f46f Eric Dumazet 2021-02-09 750 u32 index;
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 751
1580ab63fc9a03 Eric Dumazet 2016-02-11 752 if (port) {
1580ab63fc9a03 Eric Dumazet 2016-02-11 753 head = &hinfo->bhash[inet_bhashfn(net, port,
1580ab63fc9a03 Eric Dumazet 2016-02-11 754 hinfo->bhash_size)];
1580ab63fc9a03 Eric Dumazet 2016-02-11 755 tb = inet_csk(sk)->icsk_bind_hash;
1580ab63fc9a03 Eric Dumazet 2016-02-11 756 spin_lock_bh(&head->lock);
1580ab63fc9a03 Eric Dumazet 2016-02-11 757 if (sk_head(&tb->owners) == sk && !sk->sk_bind_node.next) {
01770a16616573 Ricardo Dias 2020-11-20 758 inet_ehash_nolisten(sk, NULL, NULL);
1580ab63fc9a03 Eric Dumazet 2016-02-11 759 spin_unlock_bh(&head->lock);
1580ab63fc9a03 Eric Dumazet 2016-02-11 760 return 0;
1580ab63fc9a03 Eric Dumazet 2016-02-11 761 }
1580ab63fc9a03 Eric Dumazet 2016-02-11 762 spin_unlock(&head->lock);
1580ab63fc9a03 Eric Dumazet 2016-02-11 763 /* No definite answer... Walk to established hash table */
1580ab63fc9a03 Eric Dumazet 2016-02-11 764 ret = check_established(death_row, sk, port, NULL);
1580ab63fc9a03 Eric Dumazet 2016-02-11 765 local_bh_enable();
1580ab63fc9a03 Eric Dumazet 2016-02-11 766 return ret;
1580ab63fc9a03 Eric Dumazet 2016-02-11 767 }
227b60f5102cda Stephen Hemminger 2007-10-10 768
3c82a21f4320c8 Robert Shearman 2018-11-07 769 l3mdev = inet_sk_bound_l3mdev(sk);
3c82a21f4320c8 Robert Shearman 2018-11-07 770
1580ab63fc9a03 Eric Dumazet 2016-02-11 771 inet_get_local_port_range(net, &low, &high);
1580ab63fc9a03 Eric Dumazet 2016-02-11 772 high++; /* [32768, 60999] -> [32768, 61000[ */
1580ab63fc9a03 Eric Dumazet 2016-02-11 773 remaining = high - low;
1580ab63fc9a03 Eric Dumazet 2016-02-11 774 if (likely(remaining > 1))
1580ab63fc9a03 Eric Dumazet 2016-02-11 775 remaining &= ~1U;
1580ab63fc9a03 Eric Dumazet 2016-02-11 776
190cc82489f46f Eric Dumazet 2021-02-09 777 net_get_random_once(table_perturb, sizeof(table_perturb));
190cc82489f46f Eric Dumazet 2021-02-09 778 index = hash_32(port_offset, INET_TABLE_PERTURB_SHIFT);
190cc82489f46f Eric Dumazet 2021-02-09 779
190cc82489f46f Eric Dumazet 2021-02-09 @780 offset = (READ_ONCE(table_perturb[index]) + port_offset) % remaining;
1580ab63fc9a03 Eric Dumazet 2016-02-11 781 /* In first pass we try ports of @low parity.
1580ab63fc9a03 Eric Dumazet 2016-02-11 782 * inet_csk_get_port() does the opposite choice.
07f4c90062f8fc Eric Dumazet 2015-05-24 783 */
1580ab63fc9a03 Eric Dumazet 2016-02-11 784 offset &= ~1U;
1580ab63fc9a03 Eric Dumazet 2016-02-11 785 other_parity_scan:
1580ab63fc9a03 Eric Dumazet 2016-02-11 786 port = low + offset;
1580ab63fc9a03 Eric Dumazet 2016-02-11 787 for (i = 0; i < remaining; i += 2, port += 2) {
1580ab63fc9a03 Eric Dumazet 2016-02-11 788 if (unlikely(port >= high))
1580ab63fc9a03 Eric Dumazet 2016-02-11 789 port -= remaining;
122ff243f5f104 WANG Cong 2014-05-12 790 if (inet_is_local_reserved_port(net, port))
e3826f1e946e7d Amerigo Wang 2010-05-05 791 continue;
7f635ab71eef8d Pavel Emelyanov 2008-06-16 792 head = &hinfo->bhash[inet_bhashfn(net, port,
7f635ab71eef8d Pavel Emelyanov 2008-06-16 793 hinfo->bhash_size)];
1580ab63fc9a03 Eric Dumazet 2016-02-11 794 spin_lock_bh(&head->lock);
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 795
1580ab63fc9a03 Eric Dumazet 2016-02-11 796 /* Does not bother with rcv_saddr checks, because
1580ab63fc9a03 Eric Dumazet 2016-02-11 797 * the established check is already unique enough.
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 798 */
b67bfe0d42cac5 Sasha Levin 2013-02-27 799 inet_bind_bucket_for_each(tb, &head->chain) {
3c82a21f4320c8 Robert Shearman 2018-11-07 800 if (net_eq(ib_net(tb), net) && tb->l3mdev == l3mdev &&
3c82a21f4320c8 Robert Shearman 2018-11-07 801 tb->port == port) {
da5e36308d9f71 Tom Herbert 2013-01-22 802 if (tb->fastreuse >= 0 ||
da5e36308d9f71 Tom Herbert 2013-01-22 803 tb->fastreuseport >= 0)
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 804 goto next_port;
a9d8f9110d7e95 Evgeniy Polyakov 2009-01-19 805 WARN_ON(hlist_empty(&tb->owners));
5ee31fc1ecdcbc Pavel Emelyanov 2008-01-31 806 if (!check_established(death_row, sk,
5ee31fc1ecdcbc Pavel Emelyanov 2008-01-31 807 port, &tw))
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 808 goto ok;
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 809 goto next_port;
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 810 }
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 811 }
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 812
941b1d22cc035a Pavel Emelyanov 2008-01-31 813 tb = inet_bind_bucket_create(hinfo->bind_bucket_cachep,
3c82a21f4320c8 Robert Shearman 2018-11-07 814 net, head, port, l3mdev);
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 815 if (!tb) {
1580ab63fc9a03 Eric Dumazet 2016-02-11 816 spin_unlock_bh(&head->lock);
1580ab63fc9a03 Eric Dumazet 2016-02-11 817 return -ENOMEM;
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 818 }
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 819 tb->fastreuse = -1;
da5e36308d9f71 Tom Herbert 2013-01-22 820 tb->fastreuseport = -1;
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 821 goto ok;
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 822 next_port:
1580ab63fc9a03 Eric Dumazet 2016-02-11 823 spin_unlock_bh(&head->lock);
1580ab63fc9a03 Eric Dumazet 2016-02-11 824 cond_resched();
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 825 }
1580ab63fc9a03 Eric Dumazet 2016-02-11 826
1580ab63fc9a03 Eric Dumazet 2016-02-11 827 offset++;
1580ab63fc9a03 Eric Dumazet 2016-02-11 828 if ((offset & 1) && remaining > 1)
1580ab63fc9a03 Eric Dumazet 2016-02-11 829 goto other_parity_scan;
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 830
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 831 return -EADDRNOTAVAIL;
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 832
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 833 ok:
c579bd1b4021c4 Eric Dumazet 2021-02-09 834 /* If our first attempt found a candidate, skip next candidate
c579bd1b4021c4 Eric Dumazet 2021-02-09 835 * in 1/16 of cases to add some noise.
c579bd1b4021c4 Eric Dumazet 2021-02-09 836 */
c579bd1b4021c4 Eric Dumazet 2021-02-09 837 if (!i && !(prandom_u32() % 16))
c579bd1b4021c4 Eric Dumazet 2021-02-09 838 i = 2;
190cc82489f46f Eric Dumazet 2021-02-09 839 WRITE_ONCE(table_perturb[index], READ_ONCE(table_perturb[index]) + i + 2);
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 840
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 841 /* Head lock still held and bh's disabled */
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 842 inet_bind_hash(sk, tb, port);
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 843 if (sk_unhashed(sk)) {
c720c7e8383aff Eric Dumazet 2009-10-15 844 inet_sk(sk)->inet_sport = htons(port);
01770a16616573 Ricardo Dias 2020-11-20 845 inet_ehash_nolisten(sk, (struct sock *)tw, NULL);
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 846 }
3cdaedae635b17 Eric Dumazet 2009-12-04 847 if (tw)
fc01538f9fb755 Eric Dumazet 2015-07-08 848 inet_twsk_bind_unhash(tw, hinfo);
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 849 spin_unlock(&head->lock);
dbe7faa4045ea8 Eric Dumazet 2015-07-08 850 if (tw)
dbe7faa4045ea8 Eric Dumazet 2015-07-08 851 inet_twsk_deschedule_put(tw);
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 852 local_bh_enable();
1580ab63fc9a03 Eric Dumazet 2016-02-11 853 return 0;
a7f5e7f164788a Arnaldo Carvalho de Melo 2005-12-13 854 }
5ee31fc1ecdcbc Pavel Emelyanov 2008-01-31 855
diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h index f72ec113ae56..98e1ec1a14f0 100644 --- a/include/net/inet_hashtables.h +++ b/include/net/inet_hashtables.h @@ -425,7 +425,7 @@ static inline void sk_rcv_saddr_set(struct sock *sk, __be32 addr) } int __inet_hash_connect(struct inet_timewait_death_row *death_row, - struct sock *sk, u32 port_offset, + struct sock *sk, u64 port_offset, int (*check_established)(struct inet_timewait_death_row *, struct sock *, __u16, struct inet_timewait_sock **)); diff --git a/include/net/secure_seq.h b/include/net/secure_seq.h index d7d2495f83c2..5cea9ed9c773 100644 --- a/include/net/secure_seq.h +++ b/include/net/secure_seq.h @@ -4,7 +4,7 @@ #include <linux/types.h> -u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport); +u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport); u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr, __be16 dport); u32 secure_tcp_seq(__be32 saddr, __be32 daddr, diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c index 9b8443774449..2cdd43a63f64 100644 --- a/net/core/secure_seq.c +++ b/net/core/secure_seq.c @@ -142,7 +142,7 @@ u32 secure_tcp_seq(__be32 saddr, __be32 daddr, } EXPORT_SYMBOL_GPL(secure_tcp_seq); -u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) +u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) { net_secret_init(); return siphash_3u32((__force u32)saddr, (__force u32)daddr, diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index 17440840a791..09cbad0488ca 100644 --- a/net/ipv4/inet_hashtables.c +++ b/net/ipv4/inet_hashtables.c @@ -504,7 +504,7 @@ static int __inet_check_established(struct inet_timewait_death_row *death_row, return -EADDRNOTAVAIL; } -static u32 inet_sk_port_offset(const struct sock *sk) +static u64 inet_sk_port_offset(const struct sock *sk) { const struct inet_sock *inet = inet_sk(sk); @@ -734,7 +734,7 @@ EXPORT_SYMBOL_GPL(inet_unhash); static u32 table_perturb[1 << INET_TABLE_PERTURB_SHIFT]; int __inet_hash_connect(struct inet_timewait_death_row *death_row, - struct sock *sk, u32 port_offset, + struct sock *sk, u64 port_offset, int (*check_established)(struct inet_timewait_death_row *, struct sock *, __u16, struct inet_timewait_sock **)) { @@ -859,7 +859,7 @@ int __inet_hash_connect(struct inet_timewait_death_row *death_row, int inet_hash_connect(struct inet_timewait_death_row *death_row, struct sock *sk) { - u32 port_offset = 0; + u64 port_offset = 0; if (!inet_sk(sk)->inet_num) port_offset = inet_sk_port_offset(sk);