authorMichal Kubecek <mkubecek@suse.cz>2019-07-09 08:58:53 +0200
committerMichal Kubecek <mkubecek@suse.cz>2019-07-09 08:59:12 +0200
commita6aaebc567263a5b2455f252d5a8a8332399adad (patch)
tree6bf33376209f8eba8647b490d5696732e7d16ff5
parent6a7008dde1f881fa00baa96f8b0cff2477de0a10 (diff)
kabi: handle addition of netns_ipv4::ip_id_key (CVE-2019-10638
bsc#1140575). suse-commit: 8c9c6736866b6ca2177b6695b0b9b3870042cffe
-rw-r--r--include/net/net_namespace.h1
-rw-r--r--include/net/netns/ipv4.h1
-rw-r--r--net/ipv4/route.c7
-rw-r--r--net/ipv6/output_core.c7
4 files changed, 7 insertions, 9 deletions
diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index cfcf3d25552d..d36a283d31f2 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -156,6 +156,7 @@ struct net {
struct uevent_sock *uevent_sock; /* uevent socket */
int sysctl_tcp_min_snd_mss;
u32 hash_mix;
+ siphash_key_t ip_id_key;
#endif
};
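Review bot: The new `siphash_key_t ip_id_key;` member in struct net is added directly above an `#endif`, so it sits inside a preprocessor conditional whose opening is not visible in this hunk, while net/ipv4/route.c and net/ipv6/output_core.c dereference `net->ip_id_key` unconditionally. If that guard is a kABI/genksyms hide this is fine, but it should be stated next to the field, for example `/* kABI: lives here instead of netns_ipv4 so existing member offsets stay unchanged; siphash key for IP ID generation */`. It is also worth confirming that this header still sees the `siphash_key_t` definition now that the field no longer lives in netns/ipv4.h; the include lines are outside the hunk. struct net begins outside the hunk.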
diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
index 34f139fee595..c7d6e2d788fd 100644
--- a/include/net/netns/ipv4.h
+++ b/include/net/netns/ipv4.h
@@ -160,6 +160,5 @@ struct netns_ipv4 {
unsigned int fib_seq; /* protected by rtnl_mutex */
atomic_t rt_genid;
- siphash_key_t ip_id_key;
};
#endif
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index ab39c17fad3e..4540b73f2189 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -516,14 +516,13 @@ void __ip_select_ident(struct net *net, struct iphdr *iph, int segs)
u32 hash, id;
/* Note the following code is not safe, but this is okay. */
- if (unlikely(siphash_key_is_zero(&net->ipv4.ip_id_key)))
- get_random_bytes(&net->ipv4.ip_id_key,
- sizeof(net->ipv4.ip_id_key));
+ if (unlikely(siphash_key_is_zero(&net->ip_id_key)))
+ get_random_bytes(&net->ip_id_key, sizeof(net->ip_id_key));
hash = siphash_3u32((__force u32)iph->daddr,
(__force u32)iph->saddr,
iph->protocol,
- &net->ipv4.ip_id_key);
+ &net->ip_id_key);
id = ip_idents_reserve(hash, segs);
iph->id = htons(id);
}
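Review bot: The comment `/* Note the following code is not safe, but this is okay. */` above the key setup in __ip_select_ident does not say what is unsafe or why that is acceptable. From the visible lines, the `siphash_key_is_zero()` test and the `get_random_bytes()` write to `net->ip_id_key` run with no lock or barrier, so concurrent first callers can each write a key and a parallel `siphash_3u32()` may read a partly written one. Since unpredictable IP IDs are the purpose of the CVE-2019-10638 fix, I would spell the reasoning out, e.g. `/* Racy first-use init: concurrent callers may overwrite the key or hash with a torn one; presumably only the first IDs of a namespace are affected. */`. The same pattern appears in __ipv6_select_ident in net/ipv6/output_core.c. The function body starts outside the hunk.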
diff --git a/net/ipv6/output_core.c b/net/ipv6/output_core.c
index 868ae23dbae1..7f191a24f363 100644
--- a/net/ipv6/output_core.c
+++ b/net/ipv6/output_core.c
@@ -24,11 +24,10 @@ static u32 __ipv6_select_ident(struct net *net,
u32 hash, id;
/* Note the following code is not safe, but this is okay. */
- if (unlikely(siphash_key_is_zero(&net->ipv4.ip_id_key)))
- get_random_bytes(&net->ipv4.ip_id_key,
- sizeof(net->ipv4.ip_id_key));
+ if (unlikely(siphash_key_is_zero(&net->ip_id_key)))
+ get_random_bytes(&net->ip_id_key, sizeof(net->ip_id_key));
- hash = siphash(&combined, sizeof(combined), &net->ipv4.ip_id_key);
+ hash = siphash(&combined, sizeof(combined), &net->ip_id_key);
/* Treat id of 0 as unset and if we get 0 back from ip_idents_reserve,
* set the hight order instead thus minimizing possible future