diff options
| author | Kevin Hilman <khilman@linaro.org> | 2013-10-14 18:29:10 -0400 |
|---|---|---|
| committer | Kevin Hilman <khilman@linaro.org> | 2013-10-14 18:29:24 -0400 |
| commit | 7587b5965f57c1c4d6fd1377432a8473f5cd449a (patch) | |
| tree | 85b7ced77656ac142369c6436df02b51d6d13527 /net/core/secure_seq.c | |
| parent | 6a9d10d529db69244baab335fb02caba3d6ebbc9 (diff) | |
| parent | 8d71528343c69ce387bd5fdb4fd8dc2b9f69d97c (diff) | |
Merge tag 'omap-for-v3.13/quirk-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into next/dt
From Tony Lindgren:
Changes needed to prepare for making omap3 device tree only:
- Always build in board-generic, and add pdata quirks and auxdata
support for it so we have all the pdata related quirks
in the same place.
- Merge of the drivers/pinctrl changes that are needed for PM
to continue working on omap3 and also needed for other omaps
eventually. The three pinctrl related patches have been acked
by Linus Walleij and are pulled into both the pinctrl tree
and this branch.
- Few defconfig related changes for drivers needed.
* tag 'omap-for-v3.13/quirk-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap: (523 commits)
ARM: configs: omap2plus_defconfig: enable dwc3 and dependencies
ARM: OMAP2+: Add WLAN modules and of_serial to omap2plus_defconfig
ARM: OMAP2+: Run make savedefconfig on omap2plus_defconfig to shrink it
ARM: OMAP2+: Add minimal 8250 support for GPMC
ARM: OMAP2+: Use pdata quirks for wl12xx for omap3 evm and zoom3
ARM: OMAP: Move DT wake-up event handling over to use pinctrl-single-omap
ARM: OMAP2+: Add support for auxdata
pinctrl: single: Add support for auxdata
pinctrl: single: Add support for wake-up interrupts
pinctrl: single: Prepare for supporting SoC specific features
ARM: OMAP2+: igep0020: use display init from dss-common
ARM: OMAP2+: pdata-quirks: add legacy display init for IGEPv2 board
+Linux 3.12-rc4
Signed-off-by: Kevin Hilman <khilman@linaro.org>
Diffstat (limited to 'net/core/secure_seq.c')
| -rw-r--r-- | net/core/secure_seq.c | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c index 6a2f13cee86a..3f1ec1586ae1 100644 --- a/net/core/secure_seq.c +++ b/net/core/secure_seq.c | |||
| @@ -10,11 +10,24 @@ | |||
| 10 | 10 | ||
| 11 | #include <net/secure_seq.h> | 11 | #include <net/secure_seq.h> |
| 12 | 12 | ||
| 13 | static u32 net_secret[MD5_MESSAGE_BYTES / 4] ____cacheline_aligned; | 13 | #define NET_SECRET_SIZE (MD5_MESSAGE_BYTES / 4) |
| 14 | 14 | ||
| 15 | void net_secret_init(void) | 15 | static u32 net_secret[NET_SECRET_SIZE] ____cacheline_aligned; |
| 16 | |||
| 17 | static void net_secret_init(void) | ||
| 16 | { | 18 | { |
| 17 | get_random_bytes(net_secret, sizeof(net_secret)); | 19 | u32 tmp; |
| 20 | int i; | ||
| 21 | |||
| 22 | if (likely(net_secret[0])) | ||
| 23 | return; | ||
| 24 | |||
| 25 | for (i = NET_SECRET_SIZE; i > 0;) { | ||
| 26 | do { | ||
| 27 | get_random_bytes(&tmp, sizeof(tmp)); | ||
| 28 | } while (!tmp); | ||
| 29 | cmpxchg(&net_secret[--i], 0, tmp); | ||
| 30 | } | ||
| 18 | } | 31 | } |
| 19 | 32 | ||
| 20 | #ifdef CONFIG_INET | 33 | #ifdef CONFIG_INET |
| @@ -42,6 +55,7 @@ __u32 secure_tcpv6_sequence_number(const __be32 *saddr, const __be32 *daddr, | |||
| 42 | u32 hash[MD5_DIGEST_WORDS]; | 55 | u32 hash[MD5_DIGEST_WORDS]; |
| 43 | u32 i; | 56 | u32 i; |
| 44 | 57 | ||
| 58 | net_secret_init(); | ||
| 45 | memcpy(hash, saddr, 16); | 59 | memcpy(hash, saddr, 16); |
| 46 | for (i = 0; i < 4; i++) | 60 | for (i = 0; i < 4; i++) |
| 47 | secret[i] = net_secret[i] + (__force u32)daddr[i]; | 61 | secret[i] = net_secret[i] + (__force u32)daddr[i]; |
| @@ -63,6 +77,7 @@ u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr, | |||
| 63 | u32 hash[MD5_DIGEST_WORDS]; | 77 | u32 hash[MD5_DIGEST_WORDS]; |
| 64 | u32 i; | 78 | u32 i; |
| 65 | 79 | ||
| 80 | net_secret_init(); | ||
| 66 | memcpy(hash, saddr, 16); | 81 | memcpy(hash, saddr, 16); |
| 67 | for (i = 0; i < 4; i++) | 82 | for (i = 0; i < 4; i++) |
| 68 | secret[i] = net_secret[i] + (__force u32) daddr[i]; | 83 | secret[i] = net_secret[i] + (__force u32) daddr[i]; |
| @@ -82,6 +97,7 @@ __u32 secure_ip_id(__be32 daddr) | |||
| 82 | { | 97 | { |
| 83 | u32 hash[MD5_DIGEST_WORDS]; | 98 | u32 hash[MD5_DIGEST_WORDS]; |
| 84 | 99 | ||
| 100 | net_secret_init(); | ||
| 85 | hash[0] = (__force __u32) daddr; | 101 | hash[0] = (__force __u32) daddr; |
| 86 | hash[1] = net_secret[13]; | 102 | hash[1] = net_secret[13]; |
| 87 | hash[2] = net_secret[14]; | 103 | hash[2] = net_secret[14]; |
| @@ -96,6 +112,7 @@ __u32 secure_ipv6_id(const __be32 daddr[4]) | |||
| 96 | { | 112 | { |
| 97 | __u32 hash[4]; | 113 | __u32 hash[4]; |
| 98 | 114 | ||
| 115 | net_secret_init(); | ||
| 99 | memcpy(hash, daddr, 16); | 116 | memcpy(hash, daddr, 16); |
| 100 | md5_transform(hash, net_secret); | 117 | md5_transform(hash, net_secret); |
| 101 | 118 | ||
| @@ -107,6 +124,7 @@ __u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr, | |||
| 107 | { | 124 | { |
| 108 | u32 hash[MD5_DIGEST_WORDS]; | 125 | u32 hash[MD5_DIGEST_WORDS]; |
| 109 | 126 | ||
| 127 | net_secret_init(); | ||
| 110 | hash[0] = (__force u32)saddr; | 128 | hash[0] = (__force u32)saddr; |
| 111 | hash[1] = (__force u32)daddr; | 129 | hash[1] = (__force u32)daddr; |
| 112 | hash[2] = ((__force u16)sport << 16) + (__force u16)dport; | 130 | hash[2] = ((__force u16)sport << 16) + (__force u16)dport; |
| @@ -121,6 +139,7 @@ u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) | |||
| 121 | { | 139 | { |
| 122 | u32 hash[MD5_DIGEST_WORDS]; | 140 | u32 hash[MD5_DIGEST_WORDS]; |
| 123 | 141 | ||
| 142 | net_secret_init(); | ||
| 124 | hash[0] = (__force u32)saddr; | 143 | hash[0] = (__force u32)saddr; |
| 125 | hash[1] = (__force u32)daddr; | 144 | hash[1] = (__force u32)daddr; |
| 126 | hash[2] = (__force u32)dport ^ net_secret[14]; | 145 | hash[2] = (__force u32)dport ^ net_secret[14]; |
| @@ -140,6 +159,7 @@ u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr, | |||
| 140 | u32 hash[MD5_DIGEST_WORDS]; | 159 | u32 hash[MD5_DIGEST_WORDS]; |
| 141 | u64 seq; | 160 | u64 seq; |
| 142 | 161 | ||
| 162 | net_secret_init(); | ||
| 143 | hash[0] = (__force u32)saddr; | 163 | hash[0] = (__force u32)saddr; |
| 144 | hash[1] = (__force u32)daddr; | 164 | hash[1] = (__force u32)daddr; |
| 145 | hash[2] = ((__force u16)sport << 16) + (__force u16)dport; | 165 | hash[2] = ((__force u16)sport << 16) + (__force u16)dport; |
| @@ -164,6 +184,7 @@ u64 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr, | |||
| 164 | u64 seq; | 184 | u64 seq; |
| 165 | u32 i; | 185 | u32 i; |
| 166 | 186 | ||
| 187 | net_secret_init(); | ||
| 167 | memcpy(hash, saddr, 16); | 188 | memcpy(hash, saddr, 16); |
| 168 | for (i = 0; i < 4; i++) | 189 | for (i = 0; i < 4; i++) |
| 169 | secret[i] = net_secret[i] + daddr[i]; | 190 | secret[i] = net_secret[i] + daddr[i]; |