From patchwork Sun Aug 29 22:16:14 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Dumazet X-Patchwork-Id: 12464361 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D32A0C4320E for ; Sun, 29 Aug 2021 22:16:23 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id BCC0560F56 for ; Sun, 29 Aug 2021 22:16:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235685AbhH2WRP (ORCPT ); Sun, 29 Aug 2021 18:17:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54750 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233919AbhH2WRO (ORCPT ); Sun, 29 Aug 2021 18:17:14 -0400 Received: from mail-pj1-x102c.google.com (mail-pj1-x102c.google.com [IPv6:2607:f8b0:4864:20::102c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E2112C061575 for ; Sun, 29 Aug 2021 15:16:21 -0700 (PDT) Received: by mail-pj1-x102c.google.com with SMTP id mq3so8176009pjb.5 for ; Sun, 29 Aug 2021 15:16:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=swelTAQtQxKqymGLqfC04nJtJBqlKXlaH5+mLMbRKuc=; b=CozOLFTAepnkrCzoC1YZ9qkwxkyAsZ0lwdWRlZCGX1hAdlawCzKct9WZw1m67778fk YUUldJbf7jSToZwUoE2VHKAF6OnzpkrpTre8iaqHwBJ5G05aBJXTWVd56/sgbn43HVwd 8lapT37/8oelEtkWbqhN5UpxL+mf9MKl+xCfhHgmCmrr3ylgQOoMkPJX+ORADAAjyuPm hrxnDz2HjPveFkYAxUhHfdmUlC3LkDZ003tytsZQGFAVUKpPRKpGriuyuYaaIR4ZD4Zz tKDo0JxmH+zNdPd20uJBCkPD7VG7IwkRRk5x+Xo5bwWr7TbjrkzFy1p9tG35LE/GtKkC V5Mw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=swelTAQtQxKqymGLqfC04nJtJBqlKXlaH5+mLMbRKuc=; b=CssWXOSzyLxnpluo7WOBBL3XnlZrRD98wNjqIIwGqhqN8EmKFWVez1ONRWY7d+TNDz ZPqaN5zhUuTVq31/tmPeXM1Zgedv/b9Nu1Y88XAxJL6kLuz3QBYMspd6jWxBDM4Rq/cY aDVcrM+V4UeUIHlVWgItuc1Rk0bSfOzakQiVfCsmUsTMMQJGm6TaHH4y6p9dVMRQ8pHP 0pFSnMmvkIFyJXlhfkzx5p6dL8NrJQTkkNWOQeeKosQVUCnQfz8IyFg6IRsvgyEVJE2U 8onmUxobuXjIaW+LNMKvL23mkVPBbcllAV/dk12VRa9LrLn2GGt/Y5nVMWU/M6d1OFCP QE8A== X-Gm-Message-State: AOAM532pgTWGJiQb7LBBZY7Egigo+QLTazHoaTnQpSbJ6qAu6yY6/reC CRPJ8BfKgLmPTAmIpNU6cKk= X-Google-Smtp-Source: ABdhPJyG3Cx3ltOOY/Znnh/xy/2hW8r2SDWi+MXBqk0KCiMbl120xg9GMZVBOStUrUSSWZoRf5fESg== X-Received: by 2002:a17:902:e8c2:b029:123:25ba:e443 with SMTP id v2-20020a170902e8c2b029012325bae443mr19106215plg.29.1630275381532; Sun, 29 Aug 2021 15:16:21 -0700 (PDT) Received: from edumazet1.svl.corp.google.com ([2620:15c:2c4:201:3934:d27b:77de:86b7]) by smtp.gmail.com with ESMTPSA id o15sm1162735pjr.0.2021.08.29.15.16.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 29 Aug 2021 15:16:21 -0700 (PDT) From: Eric Dumazet To: "David S . Miller" , Jakub Kicinski Cc: netdev , Eric Dumazet , Eric Dumazet , Willy Tarreau , Keyu Man , David Ahern , Wei Wang , Martin KaFai Lau Subject: [PATCH net 1/2] ipv6: make exception cache less predictible Date: Sun, 29 Aug 2021 15:16:14 -0700 Message-Id: <20210829221615.2057201-2-eric.dumazet@gmail.com> X-Mailer: git-send-email 2.33.0.259.gc128427fd7-goog In-Reply-To: <20210829221615.2057201-1-eric.dumazet@gmail.com> References: <20210829221615.2057201-1-eric.dumazet@gmail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Eric Dumazet Even after commit 4785305c05b2 ("ipv6: use siphash in rt6_exception_hash()"), an attacker can still use brute force to learn some secrets from a victim linux host. One way to defeat these attacks is to make the max depth of the hash table bucket a random value. Before this patch, each bucket of the hash table used to store exceptions could contain 6 items under attack. After the patch, each bucket would contains a random number of items, between 6 and 10. The attacker can no longer infer secrets. This is slightly increasing memory size used by the hash table, we do not expect this to be a problem. Following patch is dealing with the same issue in IPv4. Fixes: 35732d01fe31 ("ipv6: introduce a hash table to store dst cache") Signed-off-by: Eric Dumazet Reported-by: Keyu Man Cc: Wei Wang Cc: Martin KaFai Lau Reviewed-by: David Ahern Reviewed-by: Wei Wang --- net/ipv6/route.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/net/ipv6/route.c b/net/ipv6/route.c index c5e8ecb96426bda619fe242351e40dcf6ff68bcf..60334030210192660a7fa141163f36af7489d0ae 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -1657,6 +1657,7 @@ static int rt6_insert_exception(struct rt6_info *nrt, struct in6_addr *src_key = NULL; struct rt6_exception *rt6_ex; struct fib6_nh *nh = res->nh; + int max_depth; int err = 0; spin_lock_bh(&rt6_exception_lock); @@ -1711,7 +1712,9 @@ static int rt6_insert_exception(struct rt6_info *nrt, bucket->depth++; net->ipv6.rt6_stats->fib_rt_cache++; - if (bucket->depth > FIB6_MAX_DEPTH) + /* Randomize max depth to avoid some side channels attacks. */ + max_depth = FIB6_MAX_DEPTH + prandom_u32_max(FIB6_MAX_DEPTH); + while (bucket->depth > max_depth) rt6_exception_remove_oldest(bucket); out: From patchwork Sun Aug 29 22:16:15 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Dumazet X-Patchwork-Id: 12464359 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9D867C432BE for ; Sun, 29 Aug 2021 22:16:25 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7B75960232 for ; Sun, 29 Aug 2021 22:16:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236019AbhH2WRR (ORCPT ); Sun, 29 Aug 2021 18:17:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54762 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233919AbhH2WRQ (ORCPT ); Sun, 29 Aug 2021 18:17:16 -0400 Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com [IPv6:2607:f8b0:4864:20::52b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B2C52C061575 for ; Sun, 29 Aug 2021 15:16:23 -0700 (PDT) Received: by mail-pg1-x52b.google.com with SMTP id x4so11635084pgh.1 for ; Sun, 29 Aug 2021 15:16:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=2P6Dq11oFmZoL/VG2LQAN2UkgpqwLgZxozUHmwuft8o=; b=aLw19W/3yzYbmZxyucocC9W9wl36+5aBs9/+rpnDA7h8aCJeLpirtrRGUHR/mbd31O 9ZsFNrDQN2y7iQ3dY88zh6yxzzSABN9X2+gMln+Kzz7WEvdrcq0CVBTmHPqacmDMwAtG WYifre5a4YnaV31SwPn1urUj8G79ijAMBfdCjLY95vM9unXYulGYHbFOb4+5By1HMDxJ HmTjQIH3nFKlRugFeZduidWXrSoI5vz+jI24XEdlVA2rVjdnWVDHBfvwnmUuQiL5RIMY VMje3v+0MkP0RWXth6KZX0ZTccPDU54ooXirhL4BFcpWlEnRE8XEPsy9Fi4ByM+USt1o xcuA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=2P6Dq11oFmZoL/VG2LQAN2UkgpqwLgZxozUHmwuft8o=; b=SYP4PcfWvPp62YOZWvDa/EXe8edtTe3rzzTbfGwUdhrBtrd+KRgGBSn24rIe4pXvSA hBzBqboKMsDUeF1wWkO0ndbSbxjF+rIBswZ8i+cyA+KE4TAC9llrIHWDByPCBwt3ou0f FRIFIfLvBi1B6S1g1fr/IDZDds5Mec7qRvifHvv0bNzw0dbAL0R7fC5y/TdIRohin6/Y SrLwinSuI/QKijlZvUR2og+NdM3CKMTKJBi27RxxYSqdfFt+C7HPmN+Lb6Vrg5LerkHq CjoEJa6eIo4vFuD7FBEQLB4bbZV8uMaME/VdtAFehzgzlpFDknOqh5s6xglJvkD1IsPy LCMw== X-Gm-Message-State: AOAM530lHuYGT3RMfUOGndtKn4NqQanwCx3BHF2c0OyKr2lFVSZler6F M/yMcP44YCs46vWZQFIf+Vs= X-Google-Smtp-Source: ABdhPJyNUWFDWe5u8Jr/1PGQbzF9v1GEC6VPV2WqkqQtUk+FxZE7PDqlwEXq79UBr6lQivjvEweXhw== X-Received: by 2002:a62:3887:0:b0:3f2:6c5a:8a92 with SMTP id f129-20020a623887000000b003f26c5a8a92mr18020014pfa.8.1630275383271; Sun, 29 Aug 2021 15:16:23 -0700 (PDT) Received: from edumazet1.svl.corp.google.com ([2620:15c:2c4:201:3934:d27b:77de:86b7]) by smtp.gmail.com with ESMTPSA id o15sm1162735pjr.0.2021.08.29.15.16.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 29 Aug 2021 15:16:22 -0700 (PDT) From: Eric Dumazet To: "David S . Miller" , Jakub Kicinski Cc: netdev , Eric Dumazet , Eric Dumazet , Willy Tarreau , Keyu Man , David Ahern Subject: [PATCH net 2/2] ipv4: make exception cache less predictible Date: Sun, 29 Aug 2021 15:16:15 -0700 Message-Id: <20210829221615.2057201-3-eric.dumazet@gmail.com> X-Mailer: git-send-email 2.33.0.259.gc128427fd7-goog In-Reply-To: <20210829221615.2057201-1-eric.dumazet@gmail.com> References: <20210829221615.2057201-1-eric.dumazet@gmail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Eric Dumazet Even after commit 6457378fe796 ("ipv4: use siphash instead of Jenkins in fnhe_hashfun()"), an attacker can still use brute force to learn some secrets from a victim linux host. One way to defeat these attacks is to make the max depth of the hash table bucket a random value. Before this patch, each bucket of the hash table used to store exceptions could contain 6 items under attack. After the patch, each bucket would contains a random number of items, between 6 and 10. The attacker can no longer infer secrets. This is slightly increasing memory size used by the hash table, by 50% in average, we do not expect this to be a problem. This patch is more complex than the prior one (IPv6 equivalent), because IPv4 was reusing the oldest entry. Since we need to be able to evict more than one entry per update_or_create_fnhe() call, I had to replace fnhe_oldest() with fnhe_remove_oldest(). Also note that we will queue extra kfree_rcu() calls under stress, which hopefully wont be a too big issue. Fixes: 4895c771c7f0 ("ipv4: Add FIB nexthop exceptions.") Signed-off-by: Eric Dumazet Reported-by: Keyu Man Cc: Willy Tarreau Signed-off-by: David S. Miller Reviewed-by: David Ahern Tested-by: David Ahern --- net/ipv4/route.c | 44 +++++++++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 15 deletions(-) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index a6f20ee3533554b210d27c4ab6637ca7a05b148b..225714b5efc0b9c6bcd2d58a62d4656cdc5a1cde 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -586,18 +586,25 @@ static void fnhe_flush_routes(struct fib_nh_exception *fnhe) } } -static struct fib_nh_exception *fnhe_oldest(struct fnhe_hash_bucket *hash) +static void fnhe_remove_oldest(struct fnhe_hash_bucket *hash) { - struct fib_nh_exception *fnhe, *oldest; + struct fib_nh_exception __rcu **fnhe_p, **oldest_p; + struct fib_nh_exception *fnhe, *oldest = NULL; - oldest = rcu_dereference(hash->chain); - for (fnhe = rcu_dereference(oldest->fnhe_next); fnhe; - fnhe = rcu_dereference(fnhe->fnhe_next)) { - if (time_before(fnhe->fnhe_stamp, oldest->fnhe_stamp)) + for (fnhe_p = &hash->chain; ; fnhe_p = &fnhe->fnhe_next) { + fnhe = rcu_dereference_protected(*fnhe_p, + lockdep_is_held(&fnhe_lock)); + if (!fnhe) + break; + if (!oldest || + time_before(fnhe->fnhe_stamp, oldest->fnhe_stamp)) { oldest = fnhe; + oldest_p = fnhe_p; + } } fnhe_flush_routes(oldest); - return oldest; + *oldest_p = oldest->fnhe_next; + kfree_rcu(oldest, rcu); } static u32 fnhe_hashfun(__be32 daddr) @@ -676,16 +683,21 @@ static void update_or_create_fnhe(struct fib_nh_common *nhc, __be32 daddr, if (rt) fill_route_from_fnhe(rt, fnhe); } else { - if (depth > FNHE_RECLAIM_DEPTH) - fnhe = fnhe_oldest(hash); - else { - fnhe = kzalloc(sizeof(*fnhe), GFP_ATOMIC); - if (!fnhe) - goto out_unlock; + /* Randomize max depth to avoid some side channels attacks. */ + int max_depth = FNHE_RECLAIM_DEPTH + + prandom_u32_max(FNHE_RECLAIM_DEPTH); - fnhe->fnhe_next = hash->chain; - rcu_assign_pointer(hash->chain, fnhe); + while (depth > max_depth) { + fnhe_remove_oldest(hash); + depth--; } + + fnhe = kzalloc(sizeof(*fnhe), GFP_ATOMIC); + if (!fnhe) + goto out_unlock; + + fnhe->fnhe_next = hash->chain; + fnhe->fnhe_genid = genid; fnhe->fnhe_daddr = daddr; fnhe->fnhe_gw = gw; @@ -693,6 +705,8 @@ static void update_or_create_fnhe(struct fib_nh_common *nhc, __be32 daddr, fnhe->fnhe_mtu_locked = lock; fnhe->fnhe_expires = max(1UL, expires); + rcu_assign_pointer(hash->chain, fnhe); + /* Exception created; mark the cached routes for the nexthop * stale, so anyone caching it rechecks if this exception * applies to them.