aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--drivers/char/random.c48
-rw-r--r--include/linux/random.h20
2 files changed, 34 insertions, 34 deletions
diff --git a/drivers/char/random.c b/drivers/char/random.c
index eb6b13f4211a..d40df30c2b10 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -1466,8 +1466,8 @@ static __init int seqgen_init(void)
1466late_initcall(seqgen_init); 1466late_initcall(seqgen_init);
1467 1467
1468#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 1468#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1469__u32 secure_tcpv6_sequence_number(__u32 *saddr, __u32 *daddr, 1469__u32 secure_tcpv6_sequence_number(__be32 *saddr, __be32 *daddr,
1470 __u16 sport, __u16 dport) 1470 __be16 sport, __be16 dport)
1471{ 1471{
1472 struct timeval tv; 1472 struct timeval tv;
1473 __u32 seq; 1473 __u32 seq;
@@ -1479,10 +1479,10 @@ __u32 secure_tcpv6_sequence_number(__u32 *saddr, __u32 *daddr,
1479 */ 1479 */
1480 1480
1481 memcpy(hash, saddr, 16); 1481 memcpy(hash, saddr, 16);
1482 hash[4]=(sport << 16) + dport; 1482 hash[4]=((__force u16)sport << 16) + (__force u16)dport;
1483 memcpy(&hash[5],keyptr->secret,sizeof(__u32) * 7); 1483 memcpy(&hash[5],keyptr->secret,sizeof(__u32) * 7);
1484 1484
1485 seq = twothirdsMD4Transform(daddr, hash) & HASH_MASK; 1485 seq = twothirdsMD4Transform((const __u32 *)daddr, hash) & HASH_MASK;
1486 seq += keyptr->count; 1486 seq += keyptr->count;
1487 1487
1488 do_gettimeofday(&tv); 1488 do_gettimeofday(&tv);
@@ -1496,7 +1496,7 @@ EXPORT_SYMBOL(secure_tcpv6_sequence_number);
1496/* The code below is shamelessly stolen from secure_tcp_sequence_number(). 1496/* The code below is shamelessly stolen from secure_tcp_sequence_number().
1497 * All blames to Andrey V. Savochkin <saw@msu.ru>. 1497 * All blames to Andrey V. Savochkin <saw@msu.ru>.
1498 */ 1498 */
1499__u32 secure_ip_id(__u32 daddr) 1499__u32 secure_ip_id(__be32 daddr)
1500{ 1500{
1501 struct keydata *keyptr; 1501 struct keydata *keyptr;
1502 __u32 hash[4]; 1502 __u32 hash[4];
@@ -1508,7 +1508,7 @@ __u32 secure_ip_id(__u32 daddr)
1508 * The dest ip address is placed in the starting vector, 1508 * The dest ip address is placed in the starting vector,
1509 * which is then hashed with random data. 1509 * which is then hashed with random data.
1510 */ 1510 */
1511 hash[0] = daddr; 1511 hash[0] = (__force __u32)daddr;
1512 hash[1] = keyptr->secret[9]; 1512 hash[1] = keyptr->secret[9];
1513 hash[2] = keyptr->secret[10]; 1513 hash[2] = keyptr->secret[10];
1514 hash[3] = keyptr->secret[11]; 1514 hash[3] = keyptr->secret[11];
@@ -1518,8 +1518,8 @@ __u32 secure_ip_id(__u32 daddr)
1518 1518
1519#ifdef CONFIG_INET 1519#ifdef CONFIG_INET
1520 1520
1521__u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr, 1521__u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
1522 __u16 sport, __u16 dport) 1522 __be16 sport, __be16 dport)
1523{ 1523{
1524 struct timeval tv; 1524 struct timeval tv;
1525 __u32 seq; 1525 __u32 seq;
@@ -1532,9 +1532,9 @@ __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr,
1532 * Note that the words are placed into the starting vector, which is 1532 * Note that the words are placed into the starting vector, which is
1533 * then mixed with a partial MD4 over random data. 1533 * then mixed with a partial MD4 over random data.
1534 */ 1534 */
1535 hash[0]=saddr; 1535 hash[0]=(__force u32)saddr;
1536 hash[1]=daddr; 1536 hash[1]=(__force u32)daddr;
1537 hash[2]=(sport << 16) + dport; 1537 hash[2]=((__force u16)sport << 16) + (__force u16)dport;
1538 hash[3]=keyptr->secret[11]; 1538 hash[3]=keyptr->secret[11];
1539 1539
1540 seq = half_md4_transform(hash, keyptr->secret) & HASH_MASK; 1540 seq = half_md4_transform(hash, keyptr->secret) & HASH_MASK;
@@ -1559,7 +1559,7 @@ __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr,
1559EXPORT_SYMBOL(secure_tcp_sequence_number); 1559EXPORT_SYMBOL(secure_tcp_sequence_number);
1560 1560
1561/* Generate secure starting point for ephemeral IPV4 transport port search */ 1561/* Generate secure starting point for ephemeral IPV4 transport port search */
1562u32 secure_ipv4_port_ephemeral(__u32 saddr, __u32 daddr, __u16 dport) 1562u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport)
1563{ 1563{
1564 struct keydata *keyptr = get_keyptr(); 1564 struct keydata *keyptr = get_keyptr();
1565 u32 hash[4]; 1565 u32 hash[4];
@@ -1568,25 +1568,25 @@ u32 secure_ipv4_port_ephemeral(__u32 saddr, __u32 daddr, __u16 dport)
1568 * Pick a unique starting offset for each ephemeral port search 1568 * Pick a unique starting offset for each ephemeral port search
1569 * (saddr, daddr, dport) and 48bits of random data. 1569 * (saddr, daddr, dport) and 48bits of random data.
1570 */ 1570 */
1571 hash[0] = saddr; 1571 hash[0] = (__force u32)saddr;
1572 hash[1] = daddr; 1572 hash[1] = (__force u32)daddr;
1573 hash[2] = dport ^ keyptr->secret[10]; 1573 hash[2] = (__force u32)dport ^ keyptr->secret[10];
1574 hash[3] = keyptr->secret[11]; 1574 hash[3] = keyptr->secret[11];
1575 1575
1576 return half_md4_transform(hash, keyptr->secret); 1576 return half_md4_transform(hash, keyptr->secret);
1577} 1577}
1578 1578
1579#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 1579#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1580u32 secure_ipv6_port_ephemeral(const __u32 *saddr, const __u32 *daddr, __u16 dport) 1580u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr, __be16 dport)
1581{ 1581{
1582 struct keydata *keyptr = get_keyptr(); 1582 struct keydata *keyptr = get_keyptr();
1583 u32 hash[12]; 1583 u32 hash[12];
1584 1584
1585 memcpy(hash, saddr, 16); 1585 memcpy(hash, saddr, 16);
1586 hash[4] = dport; 1586 hash[4] = (__force u32)dport;
1587 memcpy(&hash[5],keyptr->secret,sizeof(__u32) * 7); 1587 memcpy(&hash[5],keyptr->secret,sizeof(__u32) * 7);
1588 1588
1589 return twothirdsMD4Transform(daddr, hash); 1589 return twothirdsMD4Transform((const __u32 *)daddr, hash);
1590} 1590}
1591#endif 1591#endif
1592 1592
@@ -1595,17 +1595,17 @@ u32 secure_ipv6_port_ephemeral(const __u32 *saddr, const __u32 *daddr, __u16 dpo
1595 * bit's 32-47 increase every key exchange 1595 * bit's 32-47 increase every key exchange
1596 * 0-31 hash(source, dest) 1596 * 0-31 hash(source, dest)
1597 */ 1597 */
1598u64 secure_dccp_sequence_number(__u32 saddr, __u32 daddr, 1598u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,
1599 __u16 sport, __u16 dport) 1599 __be16 sport, __be16 dport)
1600{ 1600{
1601 struct timeval tv; 1601 struct timeval tv;
1602 u64 seq; 1602 u64 seq;
1603 __u32 hash[4]; 1603 __u32 hash[4];
1604 struct keydata *keyptr = get_keyptr(); 1604 struct keydata *keyptr = get_keyptr();
1605 1605
1606 hash[0] = saddr; 1606 hash[0] = (__force u32)saddr;
1607 hash[1] = daddr; 1607 hash[1] = (__force u32)daddr;
1608 hash[2] = (sport << 16) + dport; 1608 hash[2] = ((__force u16)sport << 16) + (__force u16)dport;
1609 hash[3] = keyptr->secret[11]; 1609 hash[3] = keyptr->secret[11];
1610 1610
1611 seq = half_md4_transform(hash, keyptr->secret); 1611 seq = half_md4_transform(hash, keyptr->secret);
@@ -1641,7 +1641,7 @@ unsigned int get_random_int(void)
1641 * drain on it), and uses halfMD4Transform within the second. We 1641 * drain on it), and uses halfMD4Transform within the second. We
1642 * also mix it with jiffies and the PID: 1642 * also mix it with jiffies and the PID:
1643 */ 1643 */
1644 return secure_ip_id(current->pid + jiffies); 1644 return secure_ip_id((__force __be32)(current->pid + jiffies));
1645} 1645}
1646 1646
1647/* 1647/*
diff --git a/include/linux/random.h b/include/linux/random.h
index 0248b30e306d..01ad71033d65 100644
--- a/include/linux/random.h
+++ b/include/linux/random.h
@@ -51,16 +51,16 @@ extern void add_interrupt_randomness(int irq);
51extern void get_random_bytes(void *buf, int nbytes); 51extern void get_random_bytes(void *buf, int nbytes);
52void generate_random_uuid(unsigned char uuid_out[16]); 52void generate_random_uuid(unsigned char uuid_out[16]);
53 53
54extern __u32 secure_ip_id(__u32 daddr); 54extern __u32 secure_ip_id(__be32 daddr);
55extern u32 secure_ipv4_port_ephemeral(__u32 saddr, __u32 daddr, __u16 dport); 55extern u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport);
56extern u32 secure_ipv6_port_ephemeral(const __u32 *saddr, const __u32 *daddr, 56extern u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
57 __u16 dport); 57 __be16 dport);
58extern __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr, 58extern __u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
59 __u16 sport, __u16 dport); 59 __be16 sport, __be16 dport);
60extern __u32 secure_tcpv6_sequence_number(__u32 *saddr, __u32 *daddr, 60extern __u32 secure_tcpv6_sequence_number(__be32 *saddr, __be32 *daddr,
61 __u16 sport, __u16 dport); 61 __be16 sport, __be16 dport);
62extern u64 secure_dccp_sequence_number(__u32 saddr, __u32 daddr, 62extern u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,
63 __u16 sport, __u16 dport); 63 __be16 sport, __be16 dport);
64 64
65#ifndef MODULE 65#ifndef MODULE
66extern struct file_operations random_fops, urandom_fops; 66extern struct file_operations random_fops, urandom_fops;