inet: Avoid ABI change for IP ID hash change
This commit is contained in:
parent
f02f2890aa
commit
95a59b0c5d
|
@ -30,6 +30,7 @@ linux (4.19.37-5+deb10u2) UNRELEASED; urgency=medium
|
||||||
- Move swapgs feature bits to existing scattered words
|
- Move swapgs feature bits to existing scattered words
|
||||||
- Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered
|
- Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered
|
||||||
features word"
|
features word"
|
||||||
|
* inet: Avoid ABI change for IP ID hash change
|
||||||
|
|
||||||
-- Romain Perier <romain.perier@gmail.com> Mon, 22 Jul 2019 14:00:00 +0200
|
-- Romain Perier <romain.perier@gmail.com> Mon, 22 Jul 2019 14:00:00 +0200
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,75 @@
|
||||||
|
From: Ben Hutchings <ben@decadent.org.uk>
|
||||||
|
Date: Thu, 08 Aug 2019 02:59:40 +0100
|
||||||
|
Subject: inet: Avoid ABI change for IP ID hash change
|
||||||
|
Forwarded: not-needed
|
||||||
|
|
||||||
|
"inet: switch IP ID generator to siphash" adds a new member to struct
|
||||||
|
netns_ipv4. Since this is embedded in struct net, it changes the
|
||||||
|
offsets of all the following members. However struct net itself is
|
||||||
|
not embedded in anything, and is always allocated by built-in code.
|
||||||
|
So move the new member to the end of struct net, and hide it from
|
||||||
|
genksyms.
|
||||||
|
|
||||||
|
Also hide the added element and member from modules, as they won't be
|
||||||
|
able to rely on their being present until we bump ABI.
|
||||||
|
|
||||||
|
---
|
||||||
|
--- a/include/net/net_namespace.h
|
||||||
|
+++ b/include/net/net_namespace.h
|
||||||
|
@@ -163,6 +163,7 @@ struct net {
|
||||||
|
atomic_t fnhe_genid;
|
||||||
|
#if !defined(__GENKSYMS__) && !defined(MODULE)
|
||||||
|
int ipv4_sysctl_tcp_min_snd_mss;
|
||||||
|
+ siphash_key_t ipv4_ip_id_key;
|
||||||
|
#endif
|
||||||
|
} __randomize_layout;
|
||||||
|
|
||||||
|
--- a/include/net/netns/ipv4.h
|
||||||
|
+++ b/include/net/netns/ipv4.h
|
||||||
|
@@ -216,6 +216,6 @@ struct netns_ipv4 {
|
||||||
|
unsigned int ipmr_seq; /* protected by rtnl_mutex */
|
||||||
|
|
||||||
|
atomic_t rt_genid;
|
||||||
|
- siphash_key_t ip_id_key;
|
||||||
|
+ /* siphash_key_t ip_id_key; - bwh: moved to end of struct net */
|
||||||
|
};
|
||||||
|
#endif
|
||||||
|
--- a/net/ipv4/route.c
|
||||||
|
+++ b/net/ipv4/route.c
|
||||||
|
@@ -503,14 +503,14 @@ void __ip_select_ident(struct net *net,
|
||||||
|
u32 hash, id;
|
||||||
|
|
||||||
|
/* Note the following code is not safe, but this is okay. */
|
||||||
|
- if (unlikely(siphash_key_is_zero(&net->ipv4.ip_id_key)))
|
||||||
|
- get_random_bytes(&net->ipv4.ip_id_key,
|
||||||
|
- sizeof(net->ipv4.ip_id_key));
|
||||||
|
+ if (unlikely(siphash_key_is_zero(&net->ipv4_ip_id_key)))
|
||||||
|
+ get_random_bytes(&net->ipv4_ip_id_key,
|
||||||
|
+ sizeof(net->ipv4_ip_id_key));
|
||||||
|
|
||||||
|
hash = siphash_3u32((__force u32)iph->daddr,
|
||||||
|
(__force u32)iph->saddr,
|
||||||
|
iph->protocol,
|
||||||
|
- &net->ipv4.ip_id_key);
|
||||||
|
+ &net->ipv4_ip_id_key);
|
||||||
|
id = ip_idents_reserve(hash, segs);
|
||||||
|
iph->id = htons(id);
|
||||||
|
}
|
||||||
|
--- a/net/ipv6/output_core.c
|
||||||
|
+++ b/net/ipv6/output_core.c
|
||||||
|
@@ -24,11 +24,11 @@ static u32 __ipv6_select_ident(struct ne
|
||||||
|
u32 hash, id;
|
||||||
|
|
||||||
|
/* Note the following code is not safe, but this is okay. */
|
||||||
|
- if (unlikely(siphash_key_is_zero(&net->ipv4.ip_id_key)))
|
||||||
|
- get_random_bytes(&net->ipv4.ip_id_key,
|
||||||
|
- sizeof(net->ipv4.ip_id_key));
|
||||||
|
+ if (unlikely(siphash_key_is_zero(&net->ipv4_ip_id_key)))
|
||||||
|
+ get_random_bytes(&net->ipv4_ip_id_key,
|
||||||
|
+ sizeof(net->ipv4_ip_id_key));
|
||||||
|
|
||||||
|
- hash = siphash(&combined, sizeof(combined), &net->ipv4.ip_id_key);
|
||||||
|
+ hash = siphash(&combined, sizeof(combined), &net->ipv4_ip_id_key);
|
||||||
|
|
||||||
|
/* Treat id of 0 as unset and if we get 0 back from ip_idents_reserve,
|
||||||
|
* set the hight order instead thus minimizing possible future
|
|
@ -304,3 +304,4 @@ features/all/ena/0018-net-ena-update-driver-version-from-2.0.1-to-2.0.2.patch
|
||||||
debian/abi/tcp-avoid-abi-change-for-dos-fixes.patch
|
debian/abi/tcp-avoid-abi-change-for-dos-fixes.patch
|
||||||
debian/abi/x86-cpufeatures-move-swapgs-feature-bits-to-existing.patch
|
debian/abi/x86-cpufeatures-move-swapgs-feature-bits-to-existing.patch
|
||||||
debian/abi/revert-x86-cpufeatures-combine-word-11-and-12-into-a-new-sc.patch
|
debian/abi/revert-x86-cpufeatures-combine-word-11-and-12-into-a-new-sc.patch
|
||||||
|
debian/abi/inet-avoid-abi-change-for-ip-id-hash-change.patch
|
||||||
|
|
Loading…
Reference in New Issue