linux/net/core
Willy Tarreau 3744741ada random32: add noise from network and scheduling activity
With the removal of the interrupt perturbations in previous random32
change (random32: make prandom_u32() output unpredictable), the PRNG
has become 100% deterministic again. While SipHash is expected to be
way more robust against brute force than the previous Tausworthe LFSR,
there's still the risk that whoever has even one temporary access to
the PRNG's internal state is able to predict all subsequent draws till
the next reseed (roughly every minute). This may happen through a side
channel attack or any data leak.

This patch restores the spirit of commit f227e3ec3b ("random32: update
the net random state on interrupt and activity") in that it will perturb
the internal PRNG's statee using externally collected noise, except that
it will not pick that noise from the random pool's bits nor upon
interrupt, but will rather combine a few elements along the Tx path
that are collectively hard to predict, such as dev, skb and txq
pointers, packet length and jiffies values. These ones are combined
using a single round of SipHash into a single long variable that is
mixed with the net_rand_state upon each invocation.

The operation was inlined because it produces very small and efficient
code, typically 3 xor, 2 add and 2 rol. The performance was measured
to be the same (even very slightly better) than before the switch to
SipHash; on a 6-core 12-thread Core i7-8700k equipped with a 40G NIC
(i40e), the connection rate dropped from 556k/s to 555k/s while the
SYN cookie rate grew from 5.38 Mpps to 5.45 Mpps.

Link: https://lore.kernel.org/netdev/20200808152628.GA27941@SDF.ORG/
Cc: George Spelvin <lkml@sdf.org>
Cc: Amit Klein <aksecurity@gmail.com>
Cc: Eric Dumazet <edumazet@google.com>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: tytso@mit.edu
Cc: Florian Westphal <fw@strlen.de>
Cc: Marc Plumb <lkml.mplumb@gmail.com>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
Signed-off-by: Willy Tarreau <w@1wt.eu>
2020-10-24 20:21:57 +02:00
..
Makefile ethtool: move to its own directory 2019-12-12 17:07:05 -08:00
bpf_sk_storage.c bpf: Change bpf_sk_storage_*() to accept ARG_PTR_TO_BTF_ID_SOCK_COMMON 2020-09-25 13:58:01 -07:00
datagram.c net: zerocopy: combine pages in zerocopy_sg_from_iter() 2020-08-20 16:12:50 -07:00
datagram.h
dev.c random32: add noise from network and scheduling activity 2020-10-24 20:21:57 +02:00
dev_addr_lists.c net: core: add nested_level variable in net_device 2020-09-28 15:00:15 -07:00
dev_ioctl.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
devlink.c devlink: Add enable_remote_dev_reset generic parameter 2020-10-09 12:06:53 -07:00
drop_monitor.c genetlink: move to smaller ops wherever possible 2020-10-02 19:11:11 -07:00
dst.c net: Correct the comment of dst_dev_put() 2020-09-10 13:28:57 -07:00
dst_cache.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
failover.c
fib_notifier.c net: fib_notifier: propagate extack down to the notifier block callback 2019-10-04 11:10:56 -07:00
fib_rules.c fib: fix fib_rule_ops indirect call wrappers when CONFIG_IPV6=m 2020-09-08 20:09:08 -07:00
filter.c net: Properly typecast int values to set sk_max_pacing_rate 2020-10-22 12:18:25 -07:00
flow_dissector.c net: flow_dissector: avoid indirect call to DSA .flow_dissect for generic case 2020-09-26 14:17:59 -07:00
flow_offload.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-07-25 17:49:04 -07:00
gen_estimator.c net_sched: gen_estimator: extend packet counter to 64bit 2019-11-06 21:51:36 -08:00
gen_stats.c docs: networking: convert gen_stats.txt to ReST 2020-04-28 14:39:46 -07:00
gro_cells.c
hwbm.c net: hwbm: Make the hwbm_pool lock a mutex 2019-06-09 19:40:10 -07:00
link_watch.c net: Add IF_OPER_TESTING 2020-04-20 12:43:24 -07:00
lwt_bpf.c net: add net available in build_state 2020-03-29 22:30:57 -07:00
lwtunnel.c net: ipv6: add rpl sr tunnel 2020-03-29 22:30:57 -07:00
neighbour.c net: neighbor: add fdb extended attribute 2020-06-24 14:36:33 -07:00
net-procfs.c net-sysfs: add backlog len and CPU id to softnet data 2020-09-21 13:56:37 -07:00
net-sysfs.c net-sysfs: Fix inconsistent of format with argument type in net-sysfs.c 2020-10-01 18:45:23 -07:00
net-sysfs.h net-sysfs: add netdev_change_owner() 2020-02-26 20:07:25 -08:00
net-traces.c page_pool: add tracepoints for page_pool with details need by XDP 2019-06-19 11:23:13 -04:00
net_namespace.c bpf, net: Rework cookie generator as per-cpu one 2020-09-30 11:50:35 -07:00
netclassid_cgroup.c cgroup, netclassid: remove double cond_resched 2020-04-21 15:44:30 -07:00
netevent.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
netpoll.c net: make sure napi_list is safe for RCU traversal 2020-09-10 13:08:46 -07:00
netprio_cgroup.c netprio_cgroup: Fix unlimited memory leak of v2 cgroups 2020-05-09 20:59:21 -07:00
page_pool.c net: page pool: allow to pass zero flags to page_pool_init() 2020-03-29 21:49:20 -07:00
pktgen.c pktgen: Fix inconsistent of format with argument type in pktgen.c 2020-10-01 18:45:23 -07:00
ptp_classifier.c ptp: Add generic ptp v2 header parsing function 2020-08-19 16:07:49 -07:00
request_sock.c tcp: add rcu protection around tp->fastopen_rsk 2019-10-13 10:13:08 -07:00
rtnetlink.c rtnetlink: fix data overflow in rtnl_calcit() 2020-10-21 18:24:08 -07:00
scm.c fs: Add receive_fd() wrapper for __receive_fd() 2020-07-13 11:03:44 -07:00
secure_seq.c crypto: lib/sha1 - remove unnecessary includes of linux/cryptohash.h 2020-05-08 15:32:17 +10:00
skbuff.c networking changes for the 5.10 merge window 2020-10-15 18:42:13 -07:00
skmsg.c bpf, sockmap: Allow skipping sk_skb parser program 2020-10-11 18:09:44 -07:00
sock.c net: Properly typecast int values to set sk_max_pacing_rate 2020-10-22 12:18:25 -07:00
sock_diag.c bpf, net: Rework cookie generator as per-cpu one 2020-09-30 11:50:35 -07:00
sock_map.c net, sockmap: Don't call bpf_prog_put() on NULL pointer 2020-10-15 21:05:23 +02:00
sock_reuseport.c udp: Copy has_conns in reuseport_grow(). 2020-07-21 15:31:02 -07:00
stream.c tcp: make sure EPOLLOUT wont be missed 2019-08-19 13:07:43 -07:00
sysctl_net_core.c net: add option to not create fall-back tunnels in root-ns as well 2020-08-28 06:52:44 -07:00
timestamping.c net: Introduce a new MII time stamping interface. 2019-12-25 19:51:33 -08:00
tso.c net: tso: add UDP segmentation support 2020-06-18 20:46:23 -07:00
utils.c net: Fix skb->csum update in inet_proto_csum_replace16(). 2020-01-24 20:54:30 +01:00
xdp.c bpf, xdp: Remove XDP_QUERY_PROG and XDP_QUERY_PROG_HW XDP commands 2020-07-25 20:37:02 -07:00